Most businesses recognize that mobile computing, particularly with the prevalence of BYOD, is a major security threat, as detailed in the recent Gigaom Research report, Managing mobile risk: threat management and security. Typical first security steps include the use of passcodes and of applications that track, lock, and wipe devices as required.
Prior infection predicts future infection
But responsible end user behavior is also critical for mobile security, as highlighted in a new study by the mobile security firm Lookout. Based on analysis of security threats detected on the more than 50 million mobile devices covered by its service in calendar year 2013, Lookout determined:
- Having a malware trojan on your phone means you’re seven times more likely to download another app with a trojan.
- Your risk of downloading a malware trojan triples if you have already downloaded a root enabler.
- If you’ve encountered adware once, you’re twice as likely to download an app riddled with adware a second time.
- A device with chargeware more than doubles your risk of encountering a malware trojan in a different app you download.
What does this mean?
In short, it is risky behavior such as downloading untrusted apps, going to a site with driveby downloading, or carelessly agreeing to terms for future ‘chargeware’ billing via premium SMS (prevalent with mobile porn) that leads to most infections. And, users who infect their device by engaging in that behavior once are likely to repeat the behavior and infect their devices again.
As Jeremy Linden, security product manager for Lookout, points out, infection of a BYOD mobile device is a key way that increasingly sophisticated cyber criminals can penetrate a corporate firewall and otherwise safe systems. So catching the threats and changing employee behavior are critical to enterprise mobile security.
What to do about it
Some commonsense steps to countering this behavioral vulnerability include the following:
- Make sure all employees are educated and current on the frequency and types of mobile threats that they may encounter and what good practices are (e.g., visiting only trusted app stores) to minimize their vulnerability.
- Be sure that your mobile security software can centrally identify and pinpoint specific threats and infections that individual employees encounter on their devices.
- Make sure those employees who have suffered an infection once are especially further trained to assure they modify their behavior toward more safe practices.
Some good news, too
There was some good news in the Lookout report as well. Since Google, especially, from 3Q13, has started to crack down on adware, the frequency of adware infection has started to decline. Adware is still the most prevalent issue—and it includes unwanted data leakage as well as unwanted ad display—but the downward trend suggests that industry action and consensus can contribute to curbing threats as well.