We need to have the skills to deal with the privacy and security issues of our mobile phone data
By Dipesh Shah
Even as we move towards a better normal, the pandemic has permanently changed our relationship with technology, accelerating the shift to digitalization. We are now working from home, learning about the latest technology trends, enjoying innovations in online media and shopping as the smartphone continues to take center stage in our lives. For many of us, it replaced our laptops and wallets, and even our house keys.
Even if we develop the use of a smartphone, we must learn to be aware and have the necessary skills to deal with the problems of privacy and security of our data and our behaviors. Although our IT security readiness has increased with regard to the use of laptops and desktop computers, as more and more work moves to the smartphone, this will attract those who could trade your privacy and your safety to their advantage. For example, cybersecurity firm IronNet reported that cyberattacks increased by 168% between May 2020 and May 2021, with attacks on smartphones becoming one of the biggest cybersecurity threats in the Asia-Pacific region.
While developers may need to create software backdoors to apps and other software for easy access when troubleshooting, hackers are often able to discover the backdoors, exposing our data and privacy. To prevent such unauthorized backdoor access, it is best not to download any unauthorized apps that might introduce malware or spyware into our smartphones.
Hackers and cyber attackers are looking for zero-day software vulnerabilities that may have been discovered but not yet patched by OEMs. The biggest danger is rooting, which disables most of an operating system’s internal security features. Some OEMs have built-in hardware and firmware features that will protect your device against these zero-day vulnerabilities by making it difficult for untrusted code to start on your device. If the software is not digitally signed by someone in the OEM’s chain of trust, the phone will not load the software at all. The digital signature guarantees, with cryptographic assurance, that the operating system software being loaded has not been modified. This eliminates a favorite technique for rooting phones.
Rollback protection is another method used by OEMs to prevent hackers from loading an outdated, insecure version of phone firmware.
Device security should cover hardware, software, systems and applications. Smart and comprehensive security measures on phones are necessary to detect any compromise with the device or data. On the privacy side, users need to control what data and permissions are granted to their apps and for what purpose. Samsung’s defense-grade security platform, Knox, for example, ensures your smartphone data is secure and users have easy tools to manage their data privacy.
When you’re at home, sharing your devices with your siblings, spouse, and parents is unavoidable. Many of us, however, tend to have certain aspects of our digital lives that we want to keep inconspicuous. Solutions like Samsung’s AltZ Life allow users to quickly switch from private to public mode with the push of a button when sharing their phones.
User device security and data privacy is an extremely important topic today. Consumers should spend time understanding and using the tools provided by OEMs. They regularly offer security updates to users, which should be installed as soon as possible to protect the data of their smartphones.
The author is Managing Director, Samsung R&D Institute, Bangalore
Financial Express is now on Telegram. Click here to join our channel and stay up to date with the latest Biz news and updates.