October is Cyber Security Awareness Month.
Each week this month, ITS is sharing topics to help the community understand the risks associated with sharing personal and organizational information, and keeping that data secure. Here are the previous messages on doxxing and smishing.
This week’s topic: Mobile Device Attacks Mobile security threats are commonly thought of as a single, all-encompassing threat. But, there are actually four different types of mobile security threats that organizations need to take steps to protect against:
- Mobile Application Security Threats
Application-based threats happen when people download apps that look legitimate but actually skim data from their device. Examples are spyware and malware that steal personal and business information without people realizing it’s happening.
- Web-Based Mobile Security Threats
Web-based threats are subtle and tend to go unnoticed. They happen when people visit affected sites that seem fine on the front-end but, in reality, automatically download malicious content onto devices.
- Mobile Network Security Threats
Network-based threats are especially common and risky because cybercriminals can steal unencrypted data while people use public WiFi networks.
- Mobile Device Security Threats
Physical threats to mobile devices most commonly refer to the loss or theft of a device. Because hackers have direct access to the hardware where private data is stored, this threat is especially dangerous to organizations. Here’s what you can do to protect your device, yourself, and the college: Wi-Fi
- Don’t allow your device to auto-join unfamiliar networks.
- Always turn off Wi-Fi when you aren’t using it or don’t need it.
- Never send sensitive information over Wi-Fi unless you’re absolutely sure it’s a secure network.
Apps
- Only use apps available in your device’s official store; NEVER download from a browser.
- Be wary of apps from unknown developers or those with limited/bad reviews.
- Keep them updated to ensure they have the latest security.
- If they’re no longer supported by your store, just delete!
- Don’t grant administrator, or excessive privileges to apps unless you truly trust them.
Browser
- Watch out for ads, giveaways, and contests that seem too good to be true. Often these lead to phishing sites that appear to be legit.
- Pay close attention to URLs. These are harder to verify on mobile screens but it’s worth the effort.
- Never save your login information when you’re using a web browser.
Bluetooth
- Disable automatic Bluetooth pairing.
- Always turn it off when you don’t need it.
Please contact ITSSecurity@coloradocollege.edu if you have any questions. |