Android Safety

Mobile Friday: Ten Commandments of Android User Safety

The Android mobile platform has come a long way since its introduction in 2008. Almost 80% of smartphones activated last year (2013) were powered by the “green robot”. But the customizable interface and other open source advantages come at a price. Android is ridden with vulnerabilities.

Android’s biggest convenience is also its biggest security issue. These smartphones are activated with one centralized Google ID, which controls all major functions such as emails, app management and calendar syncing. The risk is high.

Besides this inherited problem, the open-source nature of the market-leading OS is prone to cybercrime. Pirated ROMs and unauthorized apps that can be downloaded from underground markets put the unsuspecting users in danger.

Android users are advised to embrace the following safety guidelines:

1 – Use only official operating systems and enable automatic updates.
Mobile phone manufacturers release their products with proprietary software that is secure and patchable with future updates.  This software should not be replaced with insecure pirate versions.

2 – Install apps only from the Play Store.
Android is an open source platform and encourages the development of third-party software to enhance the user-experience. Unfortunately these apps and ROMs are full of vulnerabilities and loopholes.

 3 – Check permissions before installing apps.
The app installation process in Android devices is quick and easy. But it’s extremely important to inspect the permissions needed by the app. Shady apps asking for a long list of permissions should be blacklisted.

4 – Add a remote-wipe feature to your phone and back-up information.
Smartphones have become an integral part of our lives. Unfortunately, robberies and losing of phones are also quite common. It’s very important to have a remote-wipe option to avoid identity and data theft.

5 – Choose strong passwords and change them frequently.
A common mistake many mobile users make. As mentioned earlier, Android phones are powered with one unified Google ID. It’s very important to implement strong passwords and also double-authentication.

6 – Implement good anti-virus software.
More than two million new Android malware threats were created last year only, according to a report released by Panda Security. Your phone is a powerful computing device that must be protected.

7 – Don’t root your device.
Die-hard Android users like to root their devices and gain system-level access. While this gives them the ability to tweak the smartphone to their liking, malicious codes can also wreak havoc within the device.

8 – Don’t connect to unknown WiFi hotspots.
People with limited data plans thrive on WiFi connections. While usually a convenient and easy way to access the net, a free hotspot is the hacker’s best friend. Connect only to secure trusted networks.

9 – Don’t answer text messages from unknown numbers.
While typical phishing attacks are hard to execute on mobile devices, text messages have become a common way to scam unsuspecting users. Responding to SMSs from unknown sources is a recipe for disaster.

10 – Don’t do business via your phone.
Performing monetary operations via Android handhelds is not a good idea either. Banking platforms still cannot promise end-to-end encryption, making money and data transfer a risky proposition.

Its also important to understand that Android security begins at the development stage.

App programmers must develop their products in a secure Software Development Life-Cycle (SDLC). CISOs and InfoSec Executives must make sure that proper security tools are in place to bring out products with minimal security issues. These can include DAST, SAST and also Pen Testing, which is an effective way to check finished software.

Source Code Analysis (SCA), belonging to the SAST testing methodology, is a unique security method that scans Source Code. This early examination has numerous advantages including the shortening of production times and reduction of repairing costs. The seamless integration in the development process also enables full automation of the testing process.

Secure your app now. For a free Source Code Analysis trial – Click Here

Source: checkmarx.com

Ericsson, Nigeria, China Mobile push for 5G development in Africa

Ericsson says it has joined its stakeholders in Nigeria and China Mobile’s 5G Joint Innovation Centre programme. This is so as to accelerate development of next-generation wireless networks, which will be faster, more powerful and offer even greater opportunities. They want to set up an open lab to provide a platform for new products and applications, and to foster new business and market opportunities.

The Chairman of China Mobile, Shang Bing that his company pays a lot of attention to the developing trends of this industry. He said that it is crucial for China Mobile and Ericsson, as the two ships of this industry, to stride forward in the right direction in the coming five years. He added that Ericsson has been an important partner to China Mobile for a long time. He said that they value the partnership with Ericsson and hope to have more cooperation with this important partner and Nigeria during the coming five year transformative period. President and Chief Executive Officer of Ericsson, Hans Vestberg said that 5G will enable people, industries and things to connect on an unprecedented scale, and this ability to connect will bring with it a whole new galaxy of devices and services. Read more at punchng.com

Why 2016 Is the Year Small Businesses Must Develop Mobile Apps

Apps are no longer considered merely a “branding exercise” for small businesses. Business owners are becoming wise to the marketing power a well-designed, intuitive app can bring. From simplifying online purchases to providing easy-to-access information, the benefits are undeniable which is why small businesses must develop mobile apps to stay competitive.

Why Small Businesses Must Develop Mobile Apps

In previous years, the rising cost of custom app developers made apps an impossible expense for small businesses. The recent growth of software development kits that streamline the app development process and allow even non-coders to create a fully-functioning app have dramatically reduced the cost of creating an app.

The affordability and fast development times these kits allow has encouraged more businesses than ever to create their own apps.

As social media use continues to rise, consumers are becoming more open to engaging with brands on a day-to-day basis, even if they aren’t specifically loyal to or purchasers of that particular business. Business owners and marketers are capitalizing on consumers’ desires for interaction by producing entertaining mobile apps. While being fun to use, informational or inspirational, a common characteristic of these apps is that they feature a strong call-to-action to persuade the user to purchase a product or in some way benefit the company in question.

What Types of Small Businesses are Making Apps?

A 2015 analysis of 40,402 apps created with an app development platform found that while “expected” businesses such as restaurants and gyms were highly prevalent, others such as golf courses, hotels, politicians and plumbers were also on the rise.

But why are these industries building more apps?

Read more

Mobile malware, Cloud data leakage and User error are top three mobile security threats

These common mobile security threats are rapidly growing due to user negligence, and because IT doesn’t always know the best ways to combat them.

Mobile security threats are on the rise, and it’s up to IT pros to keep up with the best ways to protect their organizations’ data.

Threats such as mobile malware are increasingly common, and best practices to combat them are evolving, said Doug Grosfield, president and CEO of Five Nines IT Solutions, an IT consultancy in Kitchener, Ont.

“The number of threats is growing, but so is the number of ways to protect yourself,” Grosfield said. “It’s about staying educated to stay protected.”

In addition to malware, data leakage and the threats from user error have grown more common in the mobile era. Many businesses lack in their approaches to warding off these potential risks.

Mobile malware

IT has allowed mobile malware to become a rapidly growing threat by not properly addressing it, Grosfield said.

Some companies try to combat mobile malware with the same technologies used on desktop PCs, such as antivirus software. But mobile malware is a different ballgame. It often comes from users downloading compromised apps that have made their way into Apple’s App Store or the Google Play store.

More than 95% of businesses have no protection against mobile malware, according to a report from enterprise mobility management vendor MobileIron, which aggregates data from its customers.

App reputation and mobile threat prevention platforms from companies, such as Appthority, FireEye, Check Point Software Technologies and others, can help protect against faulty or malicious app store apps. Those tools identify which apps have malware and allow IT to automatically quarantine devices that download them.

Cloud data leakage

The growth of cloud-based storage and file-sync applications has increased the potential for data leakage. Employees may store or share corporate content on consumer versions of tools, such as Dropbox, Google Drive and Microsoft OneDrive, which can lead to data loss, and may not comply with an organization’s security and regulatory policies.

User error

Many employees put their organizations at risk by ignoring security measures IT puts in place, or even losing their devices.

Unsecured devices are an all-too-common problem, Grosfield said.

“You could walk through a crowded coffee shop or airport lounge and pick up half a dozen smartphones that don’t have a screen lock, or are not encrypted and have access to their corporate data, email apps and [virtual private network] clients,” he said. “Many people are still failing to protect their devices by leaving the door wide open.”

Read more from source