Mobile devices are vulnerable just like your network, servers, laptops, and desktops. Your risk analysis should include checking on any types of messages, pictures, or access to your data that can be done on your smartphones. Even if you don’t put PHI on them they may be able to be used against you in some way to crack your network and your PHI.

Patches

  • Android updates and know your version of Android
    • Wipe leaves some stuff on old Android versions
  • iOS updates and know your version
    • Windows is so small market share but mention it

Encryption

  • Android
    • Option to encrypt this device
    • Lock screen setting to wipe device after X failed logins
  • iOS
    • data protection turns on with password set
      • set to wipe if after X number failed logins

MDM – Mobile Device Management

  • What is it
  • What can you do with it

BYOD – Bring Your Own Device

  • Set rules to follow
  • Do checks for software updates
  • Don’t let kids play with phone
  • MDM?

Backup

If you lose the phone or it dies will you lose important things?  Figure out a backup plan but make sure it is properly secured too.

Unsecured WiFi and Bluetooth

  • Try not to use it unless necessary
  • Bluetooth can be used to connect to your phone within 30 feet
  • Personal WAN can be used to jump on your connection and use your data plans

Final Notes

Understand this is the new frontier for hackers. Ransomware and malware for smartphones are growing quickly

Check out this episode!