ENISA has published a report called “Smartphones: Information security risks, opportunities and recommendations for users”, which is good reading for smartphone security issues.
10 different risks are evaluated:
- R1 Data leakage
- R2 Improper decommissioning
- R3 Unintentional data disclosure
- R4 Phishing
- R5 Spyware
- R6 Network spoofing attacks
- R7 Surveillance
- R8 Diallerware
- R9 Financial malware
- R10 Network congestion
Several recommendations are provided for Consumers, Employees and High Officials.
Note: NIST has produced document Special Publication 800-124 “Guidelines on Cell Phone and PDA Security” which is worth to look at the same time.