Mobile Security Solution Report: Addressing Data Leakage Threats

Verified

Added on 2022/09/11

AI Summary

This report delves into the critical aspects of mobile security, addressing the increasing vulnerability of business data to leakage. It begins by highlighting the significant role of data in modern business operations and the various technologies used for data handling. The report identifies potential threats stemming from mobile device usage, including risks associated with mobile applications, Wi-Fi networks, identity theft, and password security. To mitigate these threats, a comprehensive security solution is proposed, emphasizing data encryption, anti-virus software, and secure cloud storage. The report also underscores the importance of user authentication, regular data backups, and secure data sharing practices. The conclusion emphasizes the need for businesses to prioritize data integrity, availability, and confidentiality by implementing the recommended security measures to protect sensitive information from external misuse.

Running head: INFORMATION ASSURANCE
INFORMATION ASSURANCE: MOBILE SECURITY SOLUTION
Name of the Student:
Name of the University:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1INFORMATION ASSURANCE
Table of Contents
Introduction..........................................................................................................................2
Discussion............................................................................................................................2
Possible threats of Data leakage......................................................................................2
Proposed Solution............................................................................................................3
Conclusion...........................................................................................................................5
References............................................................................................................................6

2INFORMATION ASSURANCE
Introduction
Data play a major role in every business. The data are gathered, process and analyzed for
performing various business operations. All business decisions are taken on the basis of the
processed data. With the huge evolvement of various technologies the gathering, processing and
analyzing of the data becomes an easy method for the businesses. With the enhancements of the
technologies the data becomes vulnerable to multiple threats (Taylor, Fritsch & Liederbach,
2014). Any type of misuse of the data can exploit the business totally. Thus, security of data and
the maintenance of the integrity, confidentiality and availability of the business data in their
working environment.
This specific report mainly aims at securing the data leakage in a business. The report
proposed a security solution by describing an appropriate method to use the mobile phones to
avoid data leakage. The study initially identifies some vulnerable threats that can cause data
leakage by the improper use of the mobile phones in the businesses then a security solution will
be provided to avoid the determined threats.
Discussion
Possible threats of Data leakage
The use of the mobile phones for the purpose of storing, processing and moving the data
from one end to other has increased in this recent era. This excessive use of the mobile phones
for handling the business data also increased the vulnerability of data leakages. Some of the
possible threats of data leakage from the mobile devices are: The data leakages are often caused
due to the mobile apps. These applications are vulnerable to several vulnerable data leakage
(Schutt & O'Neil, 2013). These application forces a user to visit to some malicious website

3INFORMATION ASSURANCE
which are popped to the users. The users are usually tricked and are redirected to some malicious
webpages. The Wi–fi networks are also vulnerable to the data leakage. The Wi–Fi connection
can extract all sensitive business data and can easily misuse those data to exploit the business.
The transmission of the data from one to device should maintain proper availability, integrity and
confidentiality of the business data. All the possible connected device or network should be
initially verified and then the device should be connected to that particular network or other
devices. The network can be spoofed which can result in extraction of sensitive data for the
business (Hauer, 2015). In mobile device transaction several applications utilize tokens that
allow the users to operate multiple operations without verifying their identity. The identity theft
can allow an unauthorized user to access the sensitive data and can also provide permissions to
operate other operation using the accessed data. It should be ensured that all the data should be
accessed only by the authenticated users (Li, Zhao & Due, 2013). Data access should be
provided based on the authentication and authorization of the mobile data. The passwords play a
major role in the mobile devices. The mobile devices are also vulnerable to the phishing attack
where the hacker can easily gather the business data. Sometime users forget or failed to update
their mobile application in a regular basis. Older versions of the application can also extract the
data from the user mobile (Roman, Lopez & Mambo, 2018). Usually user stores their sensitive
data in the mobile based cloud where some authentication is required for accessing the data.
Proposed Solution
A security plan to prevent data leakage from the mobile device include various securing
techniques. These techniques are as follows:
 Encryption of data: One of the most important and effective way to secure the data from
leakage is the method of data encryption. The business are frequently transmitted from

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4INFORMATION ASSURANCE
one place to other. The data should be encrypted with some special and unique
encryption key such that the receiver can decrypt the message or information to read the
message (Daemen & Rijmen, 2013). This allow the users to retain the original
information and also allow the business to effectively produce their goods or services
based on the raw data. Encryption helps the user to maintain the integrity, availability and
confidentiality of the business data (He, Chan & Guizani, 2015). End to end encryption
can an efficient method of encrypting the message. Any type of third party cannot
involve in the transmission of the data as they cannot decrypt the data due to absence of
the decryption key. The data can only be used by the other end users who have the
decryption key.
 Use of anti – virus: The mobile device should always be secured with the help of the anti
– virus software. Viruses can easily track and extract all the data from the mobile devices.
The antivirus can easily track and mitigate resist the viruses from triggering the attack.
The anti – malware can also allow the business to protect the data from external
interference (Stone-Gross et al., 2013).
 The hard drives should also be made unreadable such that in case of incident, the attacker
cannot read the data that are stored in the drive.
 The data stored in the cloud should also be protected by some effective use of
authentication methods as well as firewalls (Verlinde & Verlinde, 2013). The mobile
devices always have the access to the cloud and an individual can easily access the cloud
data from their mobile phones. The mobile computing technique or method also require
security control to secure the data. The access should be automatically log out the user
after sometime of non – action time. The users should have to enter the authentication

5INFORMATION ASSURANCE
key to access the cloud of the business. The cloud services should always be provided to
the authorized users only.
 The mobile device should always contain a home lock which should require some
biological identity of the authorized users. Any mismatch in the biological identity the
mobile device should capture the photo of the user who tried to unlock the phone
(Albanese et al., 2014).
 The data should be back up in a regular basis such that in case of any incident, the users
can perform their operation without suspending the operation due to the lack of data
resources. Any type of sharing the data or media through the mobile phones should be
kept protected and the shared history should always be deleted continuously such that any
the attacker cannot track the existence of the file or media. The business data are highly
vulnerable to the external environment.
Conclusion
Therefore, it can be concluded that data has a major role in every business. With the
development of the technologies and the data storage devices the data become vulnerable to
multiple threats. Any lack in security of the data can lead to a huge loss for any business. Every
business should maintain integrity, availability and confidentiality of the data throughout the
working environment. The mobile phones of the users should always be kept protected such that
any unknown user cannot access the business data and misuse those data to exploit the business.
The proposed security measures are recommended to the users to secure the business data from
external misuse.

6INFORMATION ASSURANCE
References
Albanese, A., Walkey, C. D., Olsen, J. B., Guo, H., Emili, A., & Chan, W. C. (2014). Secreted
biomolecules alter the biological identity and cellular interactions of nanoparticles. Acs
Nano, 8(6), 5515-5526.
Daemen, J., & Rijmen, V. (2013). The design of Rijndael: AES-the advanced encryption
standard. Springer Science & Business Media.
Hauer, B. (2015). Data and information leakage prevention within the scope of information
security. IEEE Access, 3, 2554-2565.
He, D., Chan, S., & Guizani, M. (2015). Mobile application security: malware threats and
defenses. IEEE Wireless Communications, 22(1), 138-144.
Li, L., Zhao, X., & Xue, G. (2013, February). Unobservable re-authentication for smartphones.
In NDSS (Vol. 56, pp. 57-59).
Roman, R., Lopez, J., & Mambo, M. (2018). Mobile edge computing, fog et al.: A survey and
analysis of security threats and challenges. Future Generation Computer Systems, 78,
680-698.
Schutt, R., & O'Neil, C. (2013). Doing data science: Straight talk from the frontline. O'Reilly
Media, Inc..
Stone-Gross, B., Abman, R., Kemmerer, R. A., Kruegel, C., Steigerwald, D. G., & Vigna, G.
(2013). The underground economy of fake antivirus software. In Economics of
information security and privacy III (pp. 55-78). Springer, New York, NY.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7INFORMATION ASSURANCE
Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism.
Prentice Hall Press.
Verlinde, E., & Verlinde, H. (2013). Passing through the firewall. arXiv preprint
arXiv:1306.0515.