This week’s news flash: Ransomware has hit iOS. A scam that’s freezing iPhones and iPads and demanding cash to unlock the phones is being reported by users around the world.
It appears that a hacker has exploited the Find My iPhone feature which can track and remotely lock stolen devices. A ransom alert demands cash be sent via PayPal in order to free the phone or tablet.
Enabling a passcode on your device, using two-step verification and setting a different password for each of your accounts are good defensive measures. Users are also urged to update (and upgrade) their iCloud Apple ID passcodes. You can also find some tips on what to do if your phone has been hacked here.
Another reminder that as we increasingly rely on phones and tablets as our primary computing devices, they become more attractive to cyber attackers, putting both our personal and corporate data at risk.
Encryption flaws on mobile mail programs have been frequenting the headlines recently as well (you might recall Appthority commenting on Apple’s email attachment fiasco earlier this month). Last week it was reported that Microsoft’s Outlook.com emails are stored unencrypted on the SD cards of Android devices. Essentially, if an SD card is removed or an Android device is in the hands of someone with nefarious intentions, emails and attachments are relatively easy to access. The user can “protect” their emails by setting a pincode, but this does not encrypt data – it simply controls access to the app.
While Apple has admitted fault for their security lapse and is working to rectify this problem, Microsoft maintains that if the user would like a moresecure experience, they can encrypt their SD card data themselves.
This brings us to the ongoing mobile security issue and a shared responsibility. The companies behind apps that handle sensitive information (email, personal and corporate data, etc.) need to make bake in rock solid security. However, companies also need to protect themselves by understanding the privacy and security risk behaviors behind the apps their employees use.
This week Appthority’s Chief Architect and Co-Founder, Kevin Watkins, spoke with Fahmida Rashid of PC Mag to provide some expert commentaryon the importance of protecting mobile data.
Enterprise and government workforces demand mobility for productivity, but IT lacks visibility into the hidden risky behaviors of apps, such as accessing corporate data, and therefore doesn’t know which apps to allow or restrict. Appthority’s App Risk Management service provides unprecedented control over mobile device management. Enterprise customers can easily determine and enforce the best acceptable use policies for their organization and employees within minutes, enabling a safe and secure mobile workforce.