Affiliations: Fiberlink Communications, 1787 Sentry Parkway West,
Blue Bell, PA 19422, USA. E-mail: jfriedman@fiberlink.com | SMobile Systems, 2020 Leonard Ave., Columbus, OH
43219, USA. E-mail: dhoffman@smobilesystems.com
Note: [] Corresponding author
Abstract: Mobile devices such as laptops, PDAs and cell phones have become
essential tools for enterprise productivity, but they are in fact significantly
more vulnerable to attack than desktop computers. This paper provides a broad
overview of threats to mobile devices and the data that resides on them, as
well as available defenses. It provides a taxonomy that divides threats to
mobile devices into seven categories: malware, phishing and social engineering,
direct attack by hackers, data communication interception and spoofing, loss
and theft of devices, malicious insider actions, and user policy violations. It
then discusses security technologies that can be applied against each of these
threat types, including firewalls, anti-virus and zero day anti-malware
software, intrusion prevention systems, virtual private networks, data
encryption, device control and data leak prevention technologies. It suggests
how to assess priorities among the different threats and defenses, and
concludes with suggestions for further research.
Keywords: Mobile computing, security threats, laptop, virus, defense mechanisms and policies