As a cybersecurity professional, I have talked to a lot of people in and out of the classroom, as a consultant for the federal government and the private sector but I’m still shocked when I ask, "What kind of antimalware or firewall do you use for your phone?" Three responses are typical: silence; "I don’t use anything"; or something reasonable like Symantec Mobile Security for Android, McAfee, etc. I applaud them for choosing something which shows some awareness although not for their specific choices. But hey, it’s a start.
Let’s face it—people have favorites. I have mine and you probably have yours. It’s human nature. Some people like pizza with pineapple and some people think that’s sacrilege. But you can’t argue with the logic of having something instead of nothing makes sense when it comes to security.
This article isn’t a review of software that you should use but rather a set of best practices that you should strongly consider. These sobering statistics should get your attention:
- According to Symantec, third-party app stores hosted 99.9% of detected mobile malware and therefore the cause of recent security breaches
- Computerworld recently stated that Android remains the top target for internet attacks. Despite new security measures added, many Android devices remain vulnerable since owners don’t update operating systems. Even Apple, which owns their app store, is consistently the target of cyberattacks on iPhones and tablets.
- Of the world's cyberattacks, 60% come from mobile devices. RSA Security just published this nugget.
- I’ve saved the best for last: almost every second call to a mobile phone is a scam. That’s from First Orion. Their main mission is to protect customers from bad actors but their original goal was to report unwanted landline calls to the FTC.
Enough gloom and doom statistics. Let’s discuss some immediate, cheap, and effective habits that can help you thwart an attack on your mobile devices, specifically Android and iPhone.
Here are some basics. These may sound obvious.
- Keep your phone with you at all times.
- Change your phone passcode to something unique and avoid using 1234, 0000, etc.
- Turn off Bluetooth when you’re not using it or better yet, turn it off altogether.
- Resist the temptation to store PINs or credit card numbers in your phone.
- Clear your browser cache, cookies, and history on a regular basis. Most browsers give you the option to auto-clear on exit.
- Enable Find My iPhone so you can locate your phone before a thief does.
- Use a security app like Webroot that has an all-in-one app for Android so you can locate, lock, wipe and protect your phone from malware. For iOS, Webroot also offers a free secure browser.
My go-to antimalware solutions approach for my Android are Avira Antivirus with a free VPN. They also offer security for iOS. I also have Malwarebytes and Superantispyware. It’s a tad bit of overkill but when it comes to antimalware, I subscribe to Defense in Depth even though what I use for my laptops is, for example, Avira All-in-One’s software.
The links below will allow you to investigate other mobile antimalware. One for Android and one for iOS.
Antimalware for Android
Antimalware for iOS
These sites offer pros and cons and price comparisons. The best way is to try them out for yourself and see what best fits your budget and features.
I don’t remember if someone famous said "Something is better than nothing," but when it comes to protecting your phone, it truly is. Just do your research and use common sense.
Cybersecurity Best Practices
Unfortunately, there's not yet a way to make any web technology completely invulnerable to hackers and cybercrime. Cyber attacks continue to evolve every day, resulting in a need to be constantly improving and implementing new cybersecurity measures. This concept can be overwhelming for any cybersecurity team, no matter how big or small. That's why we've created a free ebook to help you design a comprehensive cybersecurity plan.