Troubleshooting Mobile Device Security – CompTIA A+ 220-1002 – 3.5

We rely on the security of our mobile devices to keep all of our confidential data safe. In this video, you’ll learn how to troubleshoot issues related to the security of our mobile devices.


Although coverage on our mobile devices continues to improve, there are still certain areas where it’s very difficult to get a wireless signal. This means you’re not able to use your wireless provider’s network and there’s no 802.11 network to connect to for Wi-Fi. If you are connecting to a Wi-Fi network in a public area, such as a coffee shop or a hotel, you want to be sure to use a Virtual Private Network, or VPN. This will encrypt all of the data sent from your mobile device to the VPN concentrator. If anyone does look into the wireless network, they won’t be able to see any of your data within those packets.

You might also want to use your mobile device to provide internet access using a tether. This is a bit more secure than using a public Wi-Fi network, since it’s a bit more difficult to capture information being sent to the carrier’s network. If you’re not sure if you have a good connection to the carrier’s network, there are many third-party utilities that can perform a cell tower analysis and run a speed test to that carrier’s network.

A mobile device that has the power draining faster than expected could be a security issue. There may be an application that is using more CPU than you would expect or there may be more network communication than normal. In either case, you effectively have a denial of service as this device is rapidly losing its power and at the same time using all of the resources of that mobile device.

Before installing an application onto a mobile device, you may want to check to see if that particular application is legitimate. Something like ZAP, which is Zscaler’s Application Profiler, can give you information on how safe an application might be. If you happen to find an app that is using all of these resources, you may want to try to force stop that running app by using the built-in app cancellation features of your mobile device.

Some mobile operating systems support anti-malware running on that device, so you can see what apps are safe to use. And if you’re just not sure, you can always perform a clean install. A factory reset will delete everything on that device. And then you can install known good apps back to the mobile device.

A malicious app could also create a situation where the data network is becoming slower and slower. If the app is sending a lot of data to your mobile provider and puts you over a limit, your mobile provider may turn down the speed of your connection. You can always run a network connection analysis, like a Wi-Fi analyzer, to see exactly what data is being sent from your mobile device. And of course, it’s always helpful if you know that you’re on a trusted Wi-Fi network that’s using encryption.

You can check the overall network speed with a third-party app. These apps can show exactly how much information you’re able to send back and forth from your phone. There are also cell tower analyzer apps that can tell you exactly how much data you’re sending to your mobile provider. It’s very possible that an app that’s running on your device is sending something that you weren’t expecting, especially if there are large file transfers or constant network activity. So it may take a bit of research to find that particular app and remove it from your mobile device.

The reason there is a specific Bluetooth pairing process is to prevent devices from connecting to each other automatically. You always want to check your Bluetooth list and make sure that you’re not connecting to a device that you weren’t expecting. You can always go to that list and remove any of the devices that you don’t recognize, and later on, if you need to re-pair to that device, you can always do that. One way to be sure that you’re definitely not sending any Bluetooth data to that device is to disable the Bluetooth radio completely. And after you do that, you may want to perform an anti-malware scan on the device to make sure that all of your apps are secure.

Our mobile devices contain a wealth of personal information and the attackers want access to that data. If you happen to see that there’s unauthorized access to your device or your personal information is somewhere you weren’t expecting, you want to find the source of that leak and make sure that no one is able to get any more information from your mobile device. A good first step is to determine where that data came from. You may want to perform an app scan or an anti-malware scan on your device and make sure that all of your apps are safe to use. If this data did leak from your device, it would be highly recommended to perform a factory reset to make sure that you have completely removed any malware from your mobile device.

And of course, it could be that the leak is not coming from your mobile device, but it may be coming from the place that your mobile device puts its data. We store a large amount of data these days out in the cloud. And if somebody gains access to your cloud account, then they would effectively gain access to the data you access on your mobile device. You want to check the passwords on Apple iTunes, iCloud, your Apple Configurator, Google Sync, OneDrive, Dropbox, and any of the other online cloud-based storage systems.

Another piece of private information that should remain private on your mobile device is tracking information. Your mobile device knows exactly where you are at any time during the day. And being able to track exactly where you are and where you have been can be valuable information to an attacker. If you think there’s an app that’s tracking your location, you can run an anti-malware scan to see if you can identify what app that might be. You could also check the apps that you’ve loaded on your device with an offline app scanner to get more understanding of what those apps are doing. And if you think this tracking is occurring, you may want to perform a factory reset which deletes everything on your mobile device and restore from a known good backup.

Our mobile devices have cameras and microphones on them, which would be a valuable resource for someone who’s trying to gain information from you. If you think that any of the apps on your device are capturing this information, you want to perform a malware scan to see if you can identify those. There are also offline third-party scanners that can tell you if applications happen to be legitimate or not. And ultimately a factory reset would allow you to delete any malicious software on that mobile device and allow you to restore from a known good backup.