Why Security Baselines are Important

Posted by Winnie Melda on November 26th, 2018

Abstract

There has been a decrease in the size of computing machinery and a simultaneous increase their computing power in the last decade. This has led to the growth and development of mobile computing concept. The vision is evidenced in the flourishing amount of mobile phones and other portable computing devices. This paper shall investigate some emerging issues that concern the security of mobile computing systems within their mobility, disconnection, modes of data access, and their scale of operation. In contrast, to the wireless communications security in the previous research, the looks at some of the current trends companies face with mobile computing security and some of the remediation steps the companies take to ensure there is the maintenance of data confidentiality and integrity.

Mobile Computing Security

Introduction

            Mobile computing communications have grown immensely bringing with it benefits such as convenience, flexibility, and the ability for the users to communicate with other fixed network while still moving. Mobile computing devices such as PDAs, tablets, smart cell phones, laptop computers, and mobile data storage computers have become very popular at all user and application levels. This has resulted in spreading of a new computing platform popularly known as mobile computing. The platform can be described as accessing computer resources from any place using mobile devices. However, mobile computing platform comes with new security risks and problems that need recognizing and addressing to keep the platform safe and secure.

            What follows is the list of the primary mobile computing security trends. Most of the issues can fall under data availability, confidentiality, and integrity (Imielinski & Badrinath, 1993).

  • Data loss resulting from lost, stolen, or decomposed devices: The nature of mobile computing devices is that they move with us. The information accessed through them means that their loss or theft impacts on the user immediately. Additionally, data leakage may result from weak passwords access, no passwords, and lack of encryption. Users may discard the device without realizing how they are impacting on data security.
  • Malware: There are many application downloads and installations with mobile devices especially the Android. Android users download and install applications from the third party markets thereby disseminating malicious codes. Malware steals data from the host devices.
  • Data loss resulting from data leakage through poorly-written applications: Smartphones, especially the Android and iOS, have seen their applications grown exponentially. Certain data collection processes have questionable necessity where the applications demand excessive data access or gather more data than they do not need.
  • Vulnerabilities resulting from hardware, applications, OS, and third party applications: The above mobile components have defects thereby making them susceptible to exfiltration, data injection, and malicious codes. The mobile computing devices unique ecosystem in addition to its cellular communication capabilities provides a special array of security concerns to its components.
  • Poorly secure Wi-Fi, network access, and rogue access points: Poorly secured and unsecured Wi-Fi have been there for long. The fact that most of the users are mobile, and there is a limitation in data plans, there is an increase in the use of Wi-Fi in public places. The number of places that provide Wi-Fi especially free Wi-Fi has increased over some years thereby increasing the surface on which users can be attacked once they connect to these networks (Veijalainen & Visa, 2003).
  • Unsecured marketplaces: Mobile devices especially the Android offer users multiple options to download and install applications. Unlike the iOS that needs to get jailbroken, Android users can choose to download and install applications from other marketplaces besides Google’s Play Store marketplace. Currently, most of the malicious codes suffered by Android have been distributed through other application stores, and they go on to steal data and information from the host device.
  • Near-field communication (NFC) and proximity-based hacking: NFC allows communication between mobile devices through a short-range wireless technology. The technology is applied in conducting payment transactions, social media. Delivery of coupon, and sharing contact information. Considering the value of the information transmitted, NFC could be a future target for the attackers. At the moment, this threat is low because it is still in the phase of proof-of-concept (Kempf et al., 2004).

Remediation Steps

            Businesses should drop the thought that business is as usual when it comes to security and where they need to focus security efforts. Most of these threats are unknown to IT or have not been enhanced by mobile devices. Traditional security controls such as network firewalls, IDS, and centralized content filtering may not help in protecting the data transmitted between mobile devices.

            One of the remediation steps is the change of consumer nature through which apps are acquired for mobile devices. It has shown up in the list of the threats above. Previous technologies have lent themselves to a centralized IT control. However, mobile devices are purely controlled by the person holding the device. They are, therefore, in control of what can be added to the device. Such people should, therefore, take necessary security measures.

            Mobile device users should ensure their mobile devices and information contained in them are always protected and adhere to certain requirements and standards such as strong passwords, locking, strong encryption, regular backups, installation of current software, and firewalls where applicable. Use of Mobile IPv6 (MIPv6) protocol that is developed as a subset of IPv6 to help in securing the connections between mobile devices would also help. Using MIPv6 takes care of the quality of service and the management of mobility issues in the mobile computing environmental settings. The standard is very efficient in aiding and securing data transmission between mobile devices (Aissi, Dabbous, & Prasad, 2006).

            Users could also make use new technologies such as Wireless Application Protocol (WAP) and PalmOS used in some mobile devices such as mobile phones and Palmtops. The technologies provide some required security in the wireless mobile environment. The technologies involve data encryption and decryption using the Wireless Transport Layer Protocol (WLTS) before it is forwarded to the intended destination. This protects the transmission of the data and information transmitted by between mobile devices thereby preserving data confidentiality, integrity, and availability (Beller et al., 1993).

Conclusion

            Mobile computing is an overall term that describes technologies that enable people to access network services anytime and anywhere. The technology is beneficial to everyone especially the end users. However, the technology is not protected as it should be. It requires high security and protection measures. It also introduces new security and protection issues and problems. The paper has introduced security threats that face mobile computing and presented some of the remediation steps and measures that users should take to handle the security threats. However, there is a requirement for further analysis of the threats and proposal of new ways to handle the threats.

References

Aissi, S., Dabbous, N., & Prasad, A. (2006). Security for mobile networks and platforms.   Norwood, MA: Artech House.

Beller, M. J., Chang, L. F., & Yacobi, Y. (1993). Privacy and authentication on a portable             communications system. IEEE Journal on Selected Areas in Communications, 11 (6),           821-829.

Sherry Roberts is the author of this paper. A senior editor at MeldaResearch.Com in customized term papers if you need a similar paper you can place your order for research paper custom.

Like it? Share it!


Winnie Melda

About the Author

Winnie Melda
Joined: December 7th, 2017
Articles Posted: 364

More by this author