The system must keep mobile devices' communication protocols hidden,
protected with credentials or turned off.
This refers to protocols that allow data exchange such as
OWASP Top 10 A6:2017-Security Misconfiguration. Security misconfiguration is the most commonly seen issue. This is commonly a result of insecure default configurations, incomplete or ad hoc configurations, open cloud storage, misconfigured HTTP headers, and verbose error messages containing sensitive information. Not only must all operating systems, frameworks, libraries, and applications be securely configured, but they must be patched/upgraded in a timely fashion.
Start with Fluid Attacks
We are a proud corporate member of the OWASP Foundation