We all know how important it is to protect your desktop and laptop computers from malicious threats. Installing antivirus and security software is one of the first steps you take when you get a new computer, and for good reason. With that said, a lot of users don’t think about the threats that target their most-used devices, their smartphones. Smartphone malware is a serious threat.
Malware and other cybersecurity threats are not a new thing to smartphones and mobile devices, but they don’t tend to get the same attention as threats that target larger devices. This might be because, for the most part, mobile device malware is a little less common, or at least a little less intrusive. That doesn’t make it any less of a problem though.
You might also feel a little less at risk simply because of your relationship with your device. Our smartphone is often with us day and night, at work and at home. Combine that with the fact that most users use their smartphones in a sort of echochamber, smartphones might not be directly exposed to threats as often as they are on a PC, but you still need to stay alert. We’ll get to more on this shortly, but first it’s important to break down the risks based on whether you have an iOS or Android device.
Apple may tout iOS as being the safest mobile operating system on the market, but it has never been completely safe. The biggest risks are only a problem for users who have jailbroken iPhones, meaning they ‘hacked’ their own device to allow themselves to bypass Apple’s built-in security restrictions. If you haven’t done that, you are avoiding a lot of risk. The other kind involves a more major type of risk called a zero-day hack. Zero-day hacks target devices that haven’t received a security update after the security update has been released to the public. With these scenarios you kind of have to trust Apple to keep your device safe. They certainly want to keep their reputation, so trusting in them to do so isn’t invalidated.
Android is in a different situation. There are a lot more risks for Android devices, simply because there are many different manufacturers making and supporting the operating system. If you have an Android, do not worry and think you have to switch to an iPhone, being educated on the topic is a great first step. For example, Samsung uses a slightly customized version of Android, and if you have a Galaxy Note 10, you’ll get the latest updates to Android on a different schedule than Google’s Pixel.
Android is also more open and flexible than iOS, which is why a lot of users prefer Android over iOS. If you want to install an application that hasn’t been vetted by Google, you can. You can also jailbreak an Android device, which, similar to jailbreaking an iPhone, can override some of the built-in security restrictions. Even installing apps off of the Google Play Store can sometimes lead to malware being installed.
That isn’t to say you should abandon Android or restrict your employees from using Android devices to access company email or other apps. Many long-time Android users never experience malware – it depends on how you use your device.
How to Protect Your Smartphone from Malware
Rely on that Echochamber – We mentioned this earlier, but both Android and iOS feature their own app stores. Although Android devices can install applications that aren’t on the Google Play store, most modern devices make it a little harder to do so. If you don’t jailbreak your phone, and you only install applications that are thoroughly vetted, positively reviewed, and come directly from the Apple App Store or Google Play, you will greatly reduce the risk of infecting your device. Jailbreaking your phone may get you cool effects but it is not worth the possible consequences.
Don’t Get Phished – Many threats these days don’t even rely on infecting a certain device to get things going. Instead, they rely on the end user to slip up and make a mistake. Phishing attacks are a prime example of this. A user will get a legitimate-looking email from a bank, online store, or other common online account and be asked to submit their login credentials. This email is actually spoofed and made to look real, and upon logging in, the password will be sent to a cybercriminal instead. If you would like more information on phishing, we have plenty of blogs regarding the topic.
Install Anti-malware – Most antivirus and anti-malware software providers have Android apps. It’s not a bad idea to have something running on your phone to help protect you.
Establish Device Security Policies – If you are a business owner and your employees use their personal devices to check email, review documents, and communicate for work, it’s a good idea to establish a mobile device policy. You can require users to enable device locking, encryption, and other security features. This gets set up on your network, and when they sign in to their email on their device, their device has to comply with your company’s requirements before they can get access to anything.
We hope this showed how smartphone malware is a serious threat. We can help you protect your company data, including helping you establish centralized mobile device security policies. If you would like to set up a data security plan or if you want to learn more, don’t hesitate to give us a call at (813) 749-0895. We handle all things IT and can protect your business 24/7 where it needs it most.