Smartphones are an inevitable presence in everyday life. High-level officials and decision-makers use mobile devices to handle and store sensitive information that should be protected as well as possible.
However, those mobile devices are fundamentally unsecurable – it is impossible to have absolutely secure systems, even if users follow security policies. In addition to possibly poor cyber hygiene, such as free games that use malicious advertisements or inadequate settings in social network services, mobile devices can often be compromised without the user’s knowledge. This could lead to disclosure of personal information or sensitive data with dire political and national consequences. Additionally, offensive campaigns can be staged against decision-makers through compromised mobile devices that can have detrimental effects.
This study describes and analyses threats and risks related to mobile device usage scenarios and presents countermeasures and mitigation mechanisms for them. This is done by analysing several public documents including security guidelines, checklists, security controls, presenting features of existing products (such as secure smart phones) and work of security researchers. In addition to these, new countermeasures and recommendations are presented.