NEWS FROM THE LAB - Monday, January 31, 2011

Mobile Security Tips Posted by Response @ 02:16 GMT

CES 2011 kicked off the year with a preview of what's upcoming in mobile computing. Expect more releases of high-spec smartphones and tablets, possibly powered by a dual-core CPU such as NVIDIA Tegra 2. Some of us are wooed by the sneak peak of phones such as the LG Optimus 2X and Motorola Atrix 4G, and certainly are looking forward to their releases this quarter.

With data charges getting cheaper and technologies in mobile computing getting more powerful, mobile devices are becoming more like a small personal computer. Moreover, the availability of applications that aid users to easily perform banking transaction, online shopping, flight booking and just plain Web browsing further encourages users to rely on their smartphones.

The surge in mobile computing popularity is opening new doors for malicious attacks. Since it is a relatively new area, some of us are not aware of the risk awaiting and are not really sure of how to protect ourselves. For a start, here are some useful tips:

1. Keep your system updated

Don't take this for granted. Keeping your mobile operating system updated not only allow you to enjoy the latest offerings, but also helps to protect your security. Similar to a good practice with your personal computer, having your system up-to-date could prevent malicious attacks that take advantage of unpatched security holes or vulnerabilities.

2. Install a security application in your phone

As your mobile device functioning more like a mini computer, it becomes an increasingly attractive target for attacks or theft. And that situation calls for a need to protect your physical device and the data it contains. Our Mobile Security application for instance, offer features that help to safeguard your data, protect against threats and locate your lost or stolen phone.

3. Watch where you click and land

We anticipate that scams and phishing to obtain personal or credit card information will be the most active attacks on mobile users. Social engineering methods would be used to lure users into clicking on malicious links or to trick them into surrendering valuable information. So, check out if a website starts with "https" before you enter sensitive information.

4. Refrain from doing transactions on a public network

A public network is useful and may help you save on data charges. However, keep in mind that the public Wi-Fi that your phone is connected to might not be secure. Just to stay on the safe side, limit your activity to browsing and avoid committing any important transactions.

5. Install or obtain applications from trusted source

Part of the fun (and convenience) in having a smartphone is making use of various applications which let you do a lot of things. There are plenty of applications out there, and some are offered through independent, unmonitored channel. Be careful of what you installed and watch out for the source. Some of the sources may contain repackaged apps that contain malicious content.

6. Make it a habit to check each applications' data access on your phone

Some applications may have access to your data or personal information. Be wary of the access that is outside of the scope or purpose of the applications. For example, a game application that has the access to SMS (read, write and send), calling, phonebook entries, and system files should trigger your suspicion for why it requires such access. If you have any doubt about an application, do not install it.

This year, we aim to further explore the emerging trend in mobile threats. Keep posted for the latest findings and news in mobile security.

Response Post by — Zimry Ong