Secure your mobile devices this holiday season

The holidays can be stressful, and cybersecurity may not always be top of mind. However, you should be on the watch for cyber threats and vulnerabilities at airports, coffee shops, hotels, shopping malls and other public spots.

For example, public USB charging stations are a convenient way to charge devices. But think twice before plugging into these stations. There’s a USB charging scam called “juice jacking,” in which hackers use public USB ports to infect smartphones with dangerous malware or steal personal data.

While juice jacking attacks are relatively uncommon, avoid using public kiosks to charge your phone. Instead, plug your device into an AC power outlet or use a portable battery pack. If you do use a public kiosk, leverage a USB data blocker to achieve USB security; a data blocker allows charging, yet blocks any data transfer capability or USB malware from infecting your device.

Public WiFi networks are also convenient, though they are often not secure. One of the most serious types of threats occurs when an attacker intercepts a mobile device’s network traffic through a man-in-the-middle (MITM) attack or rogue access point. This allows an attacker to read and capture credentials, emails, calendars, contacts and other sensitive data as a preliminary step in a more advanced attack on you or your employer.

To protect your data in motion and increase public WiFi security, use a virtual private network (VPN) to encrypt your data when connecting to a public WiFi network. And, make sure to remove the public WiFi network from your device by deleting it when you are done. Otherwise, you can still be an easy target for a hacker.

To further mitigate these risks, organizations should deploy MobileIron Unified Endpoint Management (UEM) with MobileIron Threat Defense (MTD). MTD can detect and remediate mobile threats, including device, network, app and phishing attacks, even when the device is offline. MTD offers continuous protection against mobile device threats, including malware, MITM attacks and unencrypted networks, that exploit user behavior and security gaps.

Bart Westerink

Bart Westerink

VP Security Engineering, MobileIron

About the author

As VP Security Engineering of MobileIron, Bart Westerink is responsible for global information security architecture, information risk assessment, security event correlation and monitoring, control design and deployment, and information system regulatory compliance. Prior to joining MobileIron, Bart held security and engineering roles at organizations across a variety of sectors including technology, healthcare and finance.