Mobile devices have achieved a noticeable importance in human’s life. All these devices may be connected to the network and constantly share information. In some cases, you could be susceptible to identity and data thief so it is quite important to talk about mobile cybersecurity.

Mario Moreno

IAM Engineer

August 30th, 2021

A very clear example of this trend of increased use of mobile devices can be seen with the impact of the current pandemic. Students have had to migrate from having face-to-face classes to taking online classes from a mobile device such as a laptop or tablet. Jobs have gone from being held on the company offices all day using static computers in-house to working from laptops from home. Not to mention smartphones and other mobile devices that are used practically all day long connecting to various networks, sending messages constantly, receiving information frequently and thousands of other tasks.     

Because of what has been mentioned above, it is important to talk about mobile cybersecurity. This topic leads us to talk about back-end cloud security, network security and also a network of more and more connected objects (i.e. Internet of Things), such as wearables and automotive devices. It should be noted that you don’t have a single method to protect applications, but what we need to do is make sure we have additional layers of security on them. Security specialists are combining mobile software security with hardware-based security solutions to strengthen the storage of sensitive data.  

Now, let’s talk about some threats that could be found on mobile devices:  

  • Mobile Data Leak: In our mobile devices we have a lot of important information such as credit card details, private information and so on. This information can be leaked by accessing sites of dubious origin, downloading data from the internet or connecting to free networks.   
  • Wifi obstrusion: Since cellular data does cost, as soon as we get to a place with free wifi internet the first thing we would do would be to connect to it. This is considered one of the most dangerous practices, since you leave the doors open for them to enter and get your information.  
  • Social engineering: As we are receiving many daily email notifications and messages, we usually go directly to open the notification and check the information inside it. If a link is found, it is usually pressed and many times you will become a victim of cybercrime. As a fact, 91% of cyber-attacks are initiated through email.   
  • Obsolete devices: By not having new updates your mobile devices may suffer a higher risk of an attack than a device that is more updated in terms of software. This is true for tablets, smartphones or laptops.   
  • Bad password practices: Using passwords such as 12345, password1 or other passwords of this type are a very bad practice. Similarly, using keywords such as name, birthday, pet name or other names that may appeal to something known about you can put your security at risk. If a hacker gains access to one of your passwords with such low protection, they will most likely try to access all your other accounts with the same password as it is very common to use the same password on work or personal accounts.   
  • Ad fraud: On the web or in applications we find a large number of advertisements that are received on a daily basis. This is also a risk because it is very easy to click on the banner and we could be accessing a fake or corrupted ad, with which they could have access to some personal data.  
  • Breaches of physical devices: Similarly, having a simple password on our mobile devices can pose a risk, so having easy recognition, fingerprint or a better password made with combinations of capital letters and space keys.  

After having learned a little about the dangers of mobile devices, it is necessary to talk about how we can have a better management of the devices and their security. With Okta, we find several tools for password management, which in itself, is to forget about passwords and switch to a passwordless scheme. By this we mean that we only have one password to access (there are even cases where it is not even used) and with that password we can access a dashboard with all the applications we are interested in.  

Similarly, with Okta we have different models of user authentication, such as MFA. With this we can authenticate with push notifications, biometric authentication, receiving unique authentication codes, blocking access to only access from a certain region, among others. We take a step towards a scheme known as Zero Trust, where you always verify and never trust  

In conclusion, whether we have advanced authentication systems or not, with this article we hope to raise awareness of the possible risks that we can encounter in the day to day by having bad practices in the use of our mobile devices. If you follow these tips, you could increase your awareness of how important cybersecurity is nowadays in your devices and in your personal or business environment.   


[1] Mobile security (wireless security), Brian Posey, May 2021

[2] 2021 Top Ten Cybresecurity Trends, Kaspersky inc., 2021

[3] The mobile network of the future: what you need to know about cybersecurity, TMobile, 2021