The European Network and Information Security Agency (ENISA) has published a new report (PDF) in which it warns of the possible security threats posed by the smartphone.
ENISA is an agency of the European Union and its new report identifies the top security risks of smartphone use, as well as offering some practical security advice for businesses, consumers and governments.
The ENISA report comes after analyst house Gartner revealed in early November that worldwide mobile phone sales had grown by 35 percent in the third quarter. However that was nothing compared to the 96 percent rise in smartphone sales during the same period, with 80 million smartphones sold in that period alone.
The problem with smartphones, according to ENISA, is that they usually reside within metres of their owners 24 hours a day. These devices offer a “rich cocktail of features including an array of sensors, multiple radio and network interfaces, as well as gigabytes of storage and powerful processors.” They can also act as as contactless wallet, a camera/videophone, a barcode reader, an email client, or a way of accessing social networks.
“Given the growing importance of smartphones for EU businesses, governments and citizens, we consider it essential to assess their security and privacy implications.” said Professor Dr. Udo Helmbrecht, Executive Director of ENISA.
The ENISA report meanwhile cited the following smartphone risks that people need to be aware of:
The report also warns of the dangers posed by phishing, spyware, network spoofing attacks, surveillance, diallerware, financial malware, and finally network congestion.
But users should not believe it is all doom and gloom, as the smartphone does also offer some advantages thanks to the fact that backup is often very well integrated into smartphone platforms, making it easy to recover data if the phone is lost or stolen.
And ENISA also offered a number of recommendations for both users and businesses.
“Smartphones are a goldmine of sensitive and personal information – it’s vital to understand how to maintain our control over this data. We’ve designed our recommendations to plug into a typical security policy” said Dr. Giles Hogben, co-author of the report.
It said that consumers should configure their smartphone in such a way that it locks automatically after some minutes. They should be wary of installing smartphone apps or services and never install any software onto the device unless it is from a trusted source. Consumers should also scrutinise permission requests when using or installing smartphone apps or services, and they must wipe all the data and settings from the smartphone before disposing of or recycling their phone.
Businesses meanwhile are advised to apply a thorough decommissioning procedure to all smartphones, including memory wipe processes. They should also enforce an app whitelist if any sensitive corporate data is handled, or if the corporate network is accessible to the smartphone.
Of course, encryption for the smartphone memory and removable media is also recommended and sensitive data should not be stored locally. Also, businesses should only allow online access to sensitive data from a smartphone using a non-caching app. ENISA also recommends that smartphones should be periodically wiped (using secure deletion) and reloaded with a specially prepared and tested disk image.
A video clip that outlines some of the reports key findings is available here.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…