| Executives January 29, 2016


January 29, 2016

Your phone will become more important than your password

By Lookout

The password may be one of the worst security elements we have.
They are oftentimes easily guessed because we, as humans, are generally pretty bad at creating and remembering them. So, we use weak passwords across multiple accounts. We use simple passwords like “123456” or “password.” We share our passwords with our friends and family members (I’m looking at you, Netflix-share-ers).
The industry is also yet to find something better. The phone, however, presents new and exciting ways for companies to protect their accounts, which means the phone is also become a critical part of the hacker “kill chain.”
As we move into a time where serious data breaches happen multiple times a week, companies are emphasizing two-factor authentication into their accounts. The idea is that you know something, but you also have something. For example, an account may require a password in addition to a code sent to your phone (think of the Google Authenticator app).
Yahoo, for example, offers its users the option to sign into its email through a push notification sent to their phone. The idea is, if you have your phone, you can verify that you are who you say you are with the click of a button.
Mobile devices as targets
This also means, however, that the phone is becoming a target for attacks. Two-factor authentication and the like create a new attack scenario in which attackers must obtain control over a mobile device in order gain a little more access into the target system.
Two-factor and other iterations on our traditional authentication models are welcomed advancements. They will, however introduce new attack vectors, such as the mobile device, which will require a rethinking of where enterprise security priorities lie.
As the kill chain expands to include mobile devices, cybersecurity budgets also need to expand to include mobile device protection. Lacking security here may mean leaving an open hole in a company’s perimeter and it’s not a hole that will likely go unnoticed.
Want to learn more about securing mobility? Check out this whitepaper on Why Mobile Security Matters.

Author

Lookout

Leave a comment

Submit


1 comment


DeeCharee Woods says:

February 05, 2016 at 7:31 am

I dont think your all that great ...i havea hacker on my phone and now he's got my wifi so know he does what he wants ..he has your app fooled he scans everthing false look in to it.


Meghan Kelly says:

February 11, 2016 at 1:45 pm

Hi DeeCharee, I'm sorry to hear you're having some trouble here. If you think you might have encountered malware, feel free to reach out to malware [at] lookout [dot] com. You can also reach out to our support team who can hopefully help figure out what's going on here. support [at] lookout [dot] com Please include the email address associated with your Lookout account in any emails to support. That will help us to find your account sooner!