Study into the Implications of Smartphone Operating System Security

Recommendations

Info

Study into the implications of Smartphone operating system security An examination on whether current consumer Smartphone protection practices in the UK are working Key Findings Smartphone security is an emerging area of technology, as are the threats against them. Consumer protection practices in the UK are currently a combination of technology initiatives and consumer awareness. There is little evidence that UK consumers are effectively protecting their Smartphones using technology and that they are aware of what the main threats are. Consumers, in the main, do not take personal responsibility for the security of their Smartphones and are relying on the MNOs to be proactive in securing both the device and ensuring the safe transport of information over the radio network. MNOs are taking steps to protect both their own networks and Smartphone devices by adopting security practices, including technology controls. From an awareness point of view, MNOs are not making it easy for consumers to locate vital information that could protect their Smartphones against major security threats, including protection against loss or theft. There is a good level of communication from organisations such as Get Safe Online and UK Police authorities as to the major Smartphone threats but there needs to be an analysis of these communication channels in measuring their effectiveness. Recommendations A combination of technology control and education is recommended in combatting the threat to UK Smartphone owners. Better consumer education is at the heart of any protection practice that aims to protect Smartphone users. This can be achieved with the close cooperation of UK stakeholders that includes MNOs, Get Safe Online, The ICO, Ofcom, PhonePayPlus and UK Police Service. Ensure that MNOs are taking adequate safeguards to protect consumer Smartphones and the mobile network infrastructure. This includes appropriate levels of consumer communication. Basic steps to protect Smartphones include: Better communication at the point of sale, e.g. when the consumer purchases a Smartphone PINs and passwords are set. Potentially a default setting on new Smartphones Only install apps from trusted sources and education as to what is a trusted or untrusted source Goode Intelligence © 2013 P a g e | 21 www.goodeintelligence.com
Study into the implications of Smartphone operating system security Know how to report a stolen phone and if a device is lost or stolen report it immediately Discourage modification of security settings including rooting or Jailbreaking Encourage secure disposal of Smartphones, including advice on how to wipe data of an old phone before it is donated, resold or recycled Backup and secure data stored on a Smartphone Set security settings or install security apps that enable remote location and wiping Be aware when connecting to open WiFi networks Understand privacy and app permission settings before accepting them An Investigation and analysis on how other regions are dealing with Smartphone security Key Findings Regions such as the European Union (EU) and the United States of America have been proactive in managing the Smartphone security threat. In the EU, the European Network and Information Security Agency (ENISA) has been set up by the EU to be the “pace-setter for Information Security in Europe” with a mission “to develop a culture of Network and Information Security for the benefit of citizens, consumers, business and public sector organisations in the European Union”. The agency has been actively offering support to EU member states on Smartphone security since 2010 when they first published a report assessing the security risk from using Smartphones and offering “practical recommendations on how to address these risks”. 9 US regulators and other government bodies, including the FCC and the FTC, have been proactive in managing the Smartphone security threat, by reaching out to industry partners, establishing clear guidelines and enforcing current regulations and legislation. The FCC has also been directly involved in attempting to raise awareness for Smartphone security through a number of campaigns. These include “Ten Steps to Smartphone Security for Android” and the “FCC Smartphone Security Checker”. Recommendations Analyse EU and US examples of how they are dealing with Smartphone security. Liaise with the ENISA in the EU and FCC/ FTC in the USA to determine the success of these initiatives. 9 Smartphones: Information security risks, opportunities and recommendations for users, 10 December 2010, ENISA: http://www.enisa.europa.eu/activities/identity-and-trust/risks-and-databreaches/smartphones-information-security-risks-opportunities-and-recommendations-for-users Goode Intelligence © 2013 P a g e | 22 www.goodeintelligence.com
Page 1 and 2: www.goodeintelligence.com £ Study
Page 3 and 4: Study into the implications of Smar
Page 21: Study into the implications of Smar
Page 73 and 74:
Study into the implications of Smar
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
show all

Study into the Implications of Smartphone Operating System Security

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?