CISSP Assess and Mitigate Vulnerabilities in Mobile Systems – Bk1D3T7

Mobile devices are prone to many of the same vulnerabilities as other computing systems, but often to a greater degree. For example, desktop systems are far less vulnerable to being stolen. As another example, the wireless network infrastructure is far less vulnerable to compromise or tampering. Because mobile devices are carried around and made accessible to others, they are far more vulnerable outside the organization’s network and physical perimeter.

The likelihood of mobile devices being exploited is also far greater, for reasons discussed below. Because they are inherently small and portable, mobile devices are far more prone to being lost or stolen. Whereas many employees are happy to use only their company-provided computers for work purposes, almost every employee has a mobile device and wants, at a minimum, to be able to stay in touch with coworkers using email, chat, or other apps.

Security vulnerabilities that arise in the use of mobile systems include the following:
  • Weak or missing passwords/PINs
  • Lack of multifactor authentication
  • Long session lifetime
  • Wireless vulnerabilities (Bluetooth and WiFi)
  • Mobile malware
  • Lack of security software
  • Unpatched operating system or browser
  • Lack of inherent firewall
  • Insecure devices

The following sections discuss each of these vulnerabilities and then explore how Mobile Device Management (MDM) can be used to address vulnerabilities in mobile systems.