Information Security for Mobile Devices
VerifiedAdded on  2022/11/13
|10
|2055
|128
AI Summary
The purpose of this report is to analyse the information security risks pertaining to mobile devices and identify the threats that can possibly affect companies exercising wireless credit card payment processes using mobile devices. After analysing and identifying the security threats the mobile security measures and best practises for preventing mobile devices from getting infected are listed. Among these the ones that can specifically help secure mobile devices for credit card payment processes are identified. Thereafter the report proceeds to propose the mobile security solution. The solution is proposed through three key activities after which the report ends with observations in concluding notes.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: INFORMATION SECURITY FOR MOBILE DEVICES
Information Security for Mobile Devices
Name of the Student
Name of the University
Author Note
Information Security for Mobile Devices
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1INFORMATION SECURITY FOR MOBILE DEVICES
Summary
The purpose of this report is to analyse the information security risks pertaining to mobile
devices and identify the threats that can possibly affect companies exercising wireless credit
card payment processes using mobile devices. After analysing and identifying the security
threats the mobile security measures and best practises for preventing mobile devices from
getting infected are listed. Among these the ones that can specifically help secure mobile
devices for credit card payment processes are identified. Thereafter the report proceeds to
propose the mobile security solution. The solution is proposed through three key activities
after which the report ends with observations in concluding notes.
Summary
The purpose of this report is to analyse the information security risks pertaining to mobile
devices and identify the threats that can possibly affect companies exercising wireless credit
card payment processes using mobile devices. After analysing and identifying the security
threats the mobile security measures and best practises for preventing mobile devices from
getting infected are listed. Among these the ones that can specifically help secure mobile
devices for credit card payment processes are identified. Thereafter the report proceeds to
propose the mobile security solution. The solution is proposed through three key activities
after which the report ends with observations in concluding notes.
2INFORMATION SECURITY FOR MOBILE DEVICES
Table of Contents
Introduction................................................................................................................................3
Analysis of threats......................................................................................................................3
Evaluation of Security Measures...............................................................................................4
Proposal......................................................................................................................................5
Conclusion..................................................................................................................................7
References..................................................................................................................................8
Table of Contents
Introduction................................................................................................................................3
Analysis of threats......................................................................................................................3
Evaluation of Security Measures...............................................................................................4
Proposal......................................................................................................................................5
Conclusion..................................................................................................................................7
References..................................................................................................................................8
3INFORMATION SECURITY FOR MOBILE DEVICES
Introduction
The following report tries to analyse the information security risks pertaining to
mobile devices, suggests security measures and proposes security plans to prevent threats that
can possibly affect companies exercising wireless credit card payment processes using
mobile devices (Wang, Hahn & Sutrave, 2016). The report begins by analysing and
identifying the security threats to mobile devices after which security measures and best
practises for preventing mobile devices from getting infected are listed. Then the specific
measures that can particularly help secure mobile devices for credit card payment processes
are identified. Thereafter the report proceeds to propose the mobile security solution. The
solution is proposed through three key activities after which the report ends with observations
in concluding notes.
Analysis of threats
The move of equipping sales personnel with mobile devices to take orders from
customers is a revolutionary and welcome move that can help the company gain market
share. On the fly credit card payment processing using Wi-Fi can help the user in complying
transactions with ease however the security side needs to be considered as well (Yeh et al.,
2018). Security threats to mobile devices are rising in number as also evolving with every
passing day. For protecting mobile phones and the data they contain, users need to realize the
usual threat patterns to stay prepared against next generation security risks. These threats that
employees of corporate organizations can get subjected to are data leakage, unsecured Wi-Fi,
Network Spoofing, Phishing Attacks, Malware, Broken Cryptography and Improper Session
Handling. Out of these, the threats that can potentially compromise electronic transactions are
unsecured Wi-Fi, network spoofing, phishing attacks and malware.
Introduction
The following report tries to analyse the information security risks pertaining to
mobile devices, suggests security measures and proposes security plans to prevent threats that
can possibly affect companies exercising wireless credit card payment processes using
mobile devices (Wang, Hahn & Sutrave, 2016). The report begins by analysing and
identifying the security threats to mobile devices after which security measures and best
practises for preventing mobile devices from getting infected are listed. Then the specific
measures that can particularly help secure mobile devices for credit card payment processes
are identified. Thereafter the report proceeds to propose the mobile security solution. The
solution is proposed through three key activities after which the report ends with observations
in concluding notes.
Analysis of threats
The move of equipping sales personnel with mobile devices to take orders from
customers is a revolutionary and welcome move that can help the company gain market
share. On the fly credit card payment processing using Wi-Fi can help the user in complying
transactions with ease however the security side needs to be considered as well (Yeh et al.,
2018). Security threats to mobile devices are rising in number as also evolving with every
passing day. For protecting mobile phones and the data they contain, users need to realize the
usual threat patterns to stay prepared against next generation security risks. These threats that
employees of corporate organizations can get subjected to are data leakage, unsecured Wi-Fi,
Network Spoofing, Phishing Attacks, Malware, Broken Cryptography and Improper Session
Handling. Out of these, the threats that can potentially compromise electronic transactions are
unsecured Wi-Fi, network spoofing, phishing attacks and malware.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4INFORMATION SECURITY FOR MOBILE DEVICES
Evaluation of Security Measures
Mobile phones are exposed to the same security risks as are desktop computers and
laptop devices. This is mainly because users are not adhering to safe web surfing practises.
As a result, several security measures are employed for securing mobile devices. These are:
Locking of phones: Phones can be locked setting passwords or configuring fingerprint
detection. Thus, if the phone gets stolen or is being hacked, these will serve as the first line of
security.
Encrypting data: Sometimes encryption is ready by default on mobile devices. It helps
protect sensitive user data which can range from emails, transactional or banking data.
Remote wipe: When phones are stolen or gets lost, remote wipe if previously set up enables
the user to wipe out all the data of the device from a remote location and also helps find the
phone location.
Backup of mobile data: This involves connecting devices with appropriate cloud services
for keeping back up of data as well as encrypting them (Pokharel, Choo & Liu, 2017).
Backup can also be created in PC which should be frequently synced.
Avoiding third party applications: While in the AppStore, Apple approves or blocks third
party apps, android users using Google Play can be vulnerable (McIlroy, Ali & Hassan,
2016). Disallowing apps from unknown sources helps keep users comparatively safe. If a
third party app is considered for use, it should be double checked that it is not malicious.
Avoiding rooting and jail-breaking: Both are processes used to bypass the intended
security protocols of the device manufacturer. These processes weaken the security of mobile
devices.
Evaluation of Security Measures
Mobile phones are exposed to the same security risks as are desktop computers and
laptop devices. This is mainly because users are not adhering to safe web surfing practises.
As a result, several security measures are employed for securing mobile devices. These are:
Locking of phones: Phones can be locked setting passwords or configuring fingerprint
detection. Thus, if the phone gets stolen or is being hacked, these will serve as the first line of
security.
Encrypting data: Sometimes encryption is ready by default on mobile devices. It helps
protect sensitive user data which can range from emails, transactional or banking data.
Remote wipe: When phones are stolen or gets lost, remote wipe if previously set up enables
the user to wipe out all the data of the device from a remote location and also helps find the
phone location.
Backup of mobile data: This involves connecting devices with appropriate cloud services
for keeping back up of data as well as encrypting them (Pokharel, Choo & Liu, 2017).
Backup can also be created in PC which should be frequently synced.
Avoiding third party applications: While in the AppStore, Apple approves or blocks third
party apps, android users using Google Play can be vulnerable (McIlroy, Ali & Hassan,
2016). Disallowing apps from unknown sources helps keep users comparatively safe. If a
third party app is considered for use, it should be double checked that it is not malicious.
Avoiding rooting and jail-breaking: Both are processes used to bypass the intended
security protocols of the device manufacturer. These processes weaken the security of mobile
devices.
5INFORMATION SECURITY FOR MOBILE DEVICES
Regularly updating operating systems: Updates to operating system contain critical
security hotfixes and patches and hence should be installed immediately.
Awareness of social engineering scams: Cyber attackers are very fond of spoofing apps
used for banking, stealing personal information through phony texts as also emailing
malicious attachments and harmful links (Aithal, 2016). Hence, all sorts of communications
from unknown sources should be dealt very carefully.
Public Wi-Fi: Ensuring secure access to Wi-Fi networks is vital as unwanted actors can use
up all the data limit allotted to user. The public Wi-Fi networks are almost certainly the least
secured and therefore transactions must be avoided through these networks.
Antimalware application for mobiles: There exists dozens of free to use anti malware
applications for mobile devices with cleaning as well as real time protection features and is
recommended to be used in all mobiles (He, Chan & Guizani, 2015). These can prevent
infections if the user ends up downloading malicious files or opening harmful links.
Among these security measures the most effective measures for the use case of
wireless credit card payment can be operating with a trustworthy antimalware application,
ensuring the Wi-Fi network being used is secured, growing awareness over social
engineering and other cyber security risks, having remote wipe configured and multi layered
locking mechanisms implemented (Saxena et al., 2019). Antimalware applications are a must
for every device, secured Wi-Fi networks can provide certain level of guarantee from
transactions getting hijacked. Being aware of the patterns of security risks can reduce rate of
infections as mostly security risks take advantage of human interactions in getting systems
infected.
Regularly updating operating systems: Updates to operating system contain critical
security hotfixes and patches and hence should be installed immediately.
Awareness of social engineering scams: Cyber attackers are very fond of spoofing apps
used for banking, stealing personal information through phony texts as also emailing
malicious attachments and harmful links (Aithal, 2016). Hence, all sorts of communications
from unknown sources should be dealt very carefully.
Public Wi-Fi: Ensuring secure access to Wi-Fi networks is vital as unwanted actors can use
up all the data limit allotted to user. The public Wi-Fi networks are almost certainly the least
secured and therefore transactions must be avoided through these networks.
Antimalware application for mobiles: There exists dozens of free to use anti malware
applications for mobile devices with cleaning as well as real time protection features and is
recommended to be used in all mobiles (He, Chan & Guizani, 2015). These can prevent
infections if the user ends up downloading malicious files or opening harmful links.
Among these security measures the most effective measures for the use case of
wireless credit card payment can be operating with a trustworthy antimalware application,
ensuring the Wi-Fi network being used is secured, growing awareness over social
engineering and other cyber security risks, having remote wipe configured and multi layered
locking mechanisms implemented (Saxena et al., 2019). Antimalware applications are a must
for every device, secured Wi-Fi networks can provide certain level of guarantee from
transactions getting hijacked. Being aware of the patterns of security risks can reduce rate of
infections as mostly security risks take advantage of human interactions in getting systems
infected.
6INFORMATION SECURITY FOR MOBILE DEVICES
Proposal
For corporate organizations or businesses, in order to set up a comprehensive security
solution the following activities need to be conducted.
Activity 1: Setting up the right protocols
It must be noted that there does not exist any shortcuts to adhering by protocols or
procedures put in place as there should always be full compliance to security protocols.
Hence the first step to ensure secure mobile usage is establishing proper security protocols
and complying by them. These protocols contain best practises, involves briefing employees
on current threats and appropriate training for avoiding them.
Activity 2: Setting an Example
It is a natural tendency of employees to model their activities based on that of their
superiors. Hence all security policies and compliances must be exercised fully and sincerely
across all levels of organizational members including the managers, the executives and other
top level members so that the general workforce do not get the courage to be neglectful.
Thus, it needs to be ensured that mobile security forms an integral part of the company.
Activity 3: Protection Plan
This involves overseeing that adequate security is put in place within the company,
for each mobile device as well as mapping these devices with the respective employees. To
start off, the network infrastructure of the company should be secured effectively (Chen et al.,
2016). This can be ensured by using standalone firewall devices like SOPHOS or CISCO
ASA firewalls to secure the connection before it reaches the core equipment of the company
network. Also software side firewalls like McAfee Endpoint Security 10.6.x and antivirus
solutions can help secure other layers of the OSI model of networking thus securing the
Proposal
For corporate organizations or businesses, in order to set up a comprehensive security
solution the following activities need to be conducted.
Activity 1: Setting up the right protocols
It must be noted that there does not exist any shortcuts to adhering by protocols or
procedures put in place as there should always be full compliance to security protocols.
Hence the first step to ensure secure mobile usage is establishing proper security protocols
and complying by them. These protocols contain best practises, involves briefing employees
on current threats and appropriate training for avoiding them.
Activity 2: Setting an Example
It is a natural tendency of employees to model their activities based on that of their
superiors. Hence all security policies and compliances must be exercised fully and sincerely
across all levels of organizational members including the managers, the executives and other
top level members so that the general workforce do not get the courage to be neglectful.
Thus, it needs to be ensured that mobile security forms an integral part of the company.
Activity 3: Protection Plan
This involves overseeing that adequate security is put in place within the company,
for each mobile device as well as mapping these devices with the respective employees. To
start off, the network infrastructure of the company should be secured effectively (Chen et al.,
2016). This can be ensured by using standalone firewall devices like SOPHOS or CISCO
ASA firewalls to secure the connection before it reaches the core equipment of the company
network. Also software side firewalls like McAfee Endpoint Security 10.6.x and antivirus
solutions can help secure other layers of the OSI model of networking thus securing the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7INFORMATION SECURITY FOR MOBILE DEVICES
network completely. Wireless network set on this network will require additional security
measures as these can be detected and accessed remotely and very easily by other third
parties nearby. Using WPA2, second iteration of Wi-Fi Protected Access (WPA) these
equipment for wireless network can be secured (Alblwi & Shujaee, 2017). Additionally every
mobile device should also have anti malware solutions like CM Security installed for
protecting them against malicious files and harmful links real time. Near field
Communications (NFC) also enable secure payments and the mobile should support the
technology (Badra & Badra, 2016). Since the organization deals with credit card payment
processing, it should also be ensured that trustworthy network payment gateways like Visa,
Mastercard, American Express and others are shortlisted for such transactions.
Conclusion
In conclusion the above report successfully analyses the information security risks
pertaining to mobile devices and is observed to suggest security measures as also proposing
of security plans for preventing threats that can possibly affect companies exercising wireless
credit card payment processes using mobile devices. The report begins by analysing and
identifying the security threats to mobile devices after which security measures and best
practises for preventing mobile devices from getting infected are listed. Then the specific
measures that can particularly help secure mobile devices for credit card payment processes
are identified. Thereafter the report proceeds to propose the mobile security solution. The
solution is proposed with the help of three key activities.
network completely. Wireless network set on this network will require additional security
measures as these can be detected and accessed remotely and very easily by other third
parties nearby. Using WPA2, second iteration of Wi-Fi Protected Access (WPA) these
equipment for wireless network can be secured (Alblwi & Shujaee, 2017). Additionally every
mobile device should also have anti malware solutions like CM Security installed for
protecting them against malicious files and harmful links real time. Near field
Communications (NFC) also enable secure payments and the mobile should support the
technology (Badra & Badra, 2016). Since the organization deals with credit card payment
processing, it should also be ensured that trustworthy network payment gateways like Visa,
Mastercard, American Express and others are shortlisted for such transactions.
Conclusion
In conclusion the above report successfully analyses the information security risks
pertaining to mobile devices and is observed to suggest security measures as also proposing
of security plans for preventing threats that can possibly affect companies exercising wireless
credit card payment processes using mobile devices. The report begins by analysing and
identifying the security threats to mobile devices after which security measures and best
practises for preventing mobile devices from getting infected are listed. Then the specific
measures that can particularly help secure mobile devices for credit card payment processes
are identified. Thereafter the report proceeds to propose the mobile security solution. The
solution is proposed with the help of three key activities.
8INFORMATION SECURITY FOR MOBILE DEVICES
References
Aithal, P. S. (2016). A Review on Advanced Security Solutions in Online Banking Models.
International Journal of Scientific Research and Modern Education (IJSRME), 1,
421-429.
Alblwi, S., & Shujaee, K. (2017). A Survey on Wireless Security Protocol WPA2. In
Proceedings of the International Conference on Security and Management (SAM) (pp.
12-17). The Steering Committee of The World Congress in Computer Science,
Computer Engineering and Applied Computing (WorldComp).
Badra, M., & Badra, R. B. (2016). A lightweight security protocol for NFC-based mobile
payments. Procedia Computer Science, 83, 705-711.
Chen, M., Qian, Y., Mao, S., Tang, W., & Yang, X. (2016). Software-defined mobile
networks security. Mobile Networks and Applications, 21(5), 729-743.
He, D., Chan, S., & Guizani, M. (2015). Mobile application security: malware threats and
defenses. IEEE Wireless Communications, 22(1), 138-144.
McIlroy, S., Ali, N., & Hassan, A. E. (2016). Fresh apps: an empirical study of frequently-
updated mobile apps in the Google play store. Empirical Software Engineering, 21(3),
1346-1370.
Pokharel, S., Choo, K. K. R., & Liu, J. (2017). Mobile cloud security: An adversary model
for lightweight browser security. Computer Standards & Interfaces, 49, 71-78.
Saxena, S., Vyas, S., Kumar, B. S., & Gupta, S. (2019, April). Survey on Online Electronic
Paymentss Security. In 2019 Amity International Conference on Artificial Intelligence
(AICAI) (pp. 756-751). IEEE.
References
Aithal, P. S. (2016). A Review on Advanced Security Solutions in Online Banking Models.
International Journal of Scientific Research and Modern Education (IJSRME), 1,
421-429.
Alblwi, S., & Shujaee, K. (2017). A Survey on Wireless Security Protocol WPA2. In
Proceedings of the International Conference on Security and Management (SAM) (pp.
12-17). The Steering Committee of The World Congress in Computer Science,
Computer Engineering and Applied Computing (WorldComp).
Badra, M., & Badra, R. B. (2016). A lightweight security protocol for NFC-based mobile
payments. Procedia Computer Science, 83, 705-711.
Chen, M., Qian, Y., Mao, S., Tang, W., & Yang, X. (2016). Software-defined mobile
networks security. Mobile Networks and Applications, 21(5), 729-743.
He, D., Chan, S., & Guizani, M. (2015). Mobile application security: malware threats and
defenses. IEEE Wireless Communications, 22(1), 138-144.
McIlroy, S., Ali, N., & Hassan, A. E. (2016). Fresh apps: an empirical study of frequently-
updated mobile apps in the Google play store. Empirical Software Engineering, 21(3),
1346-1370.
Pokharel, S., Choo, K. K. R., & Liu, J. (2017). Mobile cloud security: An adversary model
for lightweight browser security. Computer Standards & Interfaces, 49, 71-78.
Saxena, S., Vyas, S., Kumar, B. S., & Gupta, S. (2019, April). Survey on Online Electronic
Paymentss Security. In 2019 Amity International Conference on Artificial Intelligence
(AICAI) (pp. 756-751). IEEE.
9INFORMATION SECURITY FOR MOBILE DEVICES
Wang, Y., Hahn, C., & Sutrave, K. (2016, February). Mobile payment security, threats, and
challenges. In 2016 second international conference on mobile and secure services
(MobiSecServ) (pp. 1-5). IEEE.
Yeh, K. H., Su, C., Hou, J. L., Chiu, W., & Chen, C. M. (2018). A Robust Mobile Payment
Scheme With Smart Contract-Based Transaction Repository. IEEE Access, 6, 59394-
59404.
Wang, Y., Hahn, C., & Sutrave, K. (2016, February). Mobile payment security, threats, and
challenges. In 2016 second international conference on mobile and secure services
(MobiSecServ) (pp. 1-5). IEEE.
Yeh, K. H., Su, C., Hou, J. L., Chiu, W., & Chen, C. M. (2018). A Robust Mobile Payment
Scheme With Smart Contract-Based Transaction Repository. IEEE Access, 6, 59394-
59404.
1 out of 10
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.