As more employees are bringing their own mobile devices (BYOD) to work, Alistair Broom explains why now is the time to get serious about mobile security.
We humans are still the best hacking tools.
We click on links on websites that we might not recognise, but do so because we are “trusting”.
And we don’t expect our personal information to have any value outside of its intended use.
214TB data lost at the Olympics
We care more about our personal devices and information than we do of our business information.
The loss or theft of a smartphone with confidential personal and business data is therefore a huge cause for concern.
Before the London Olympics, UK-based security company Venafi estimated that 67,000 devices containing 214.4 terabytes of user data would be lost during the event.
This is a staggering number of devices within such a short timespan.
And according to McAfee, fifteen times more mobile phones are lost and stolen than laptops.
Unfortunately, users are not sufficiently protecting their smartphones. Many assume the device manufacturer has taken the necessary measures to protect a mobile user’s sensitive information.
While the latest phones may offer built-in security software to enable a degree of secure web browsing, they are not 100% safe.
Even users in Finland, which has a strong history in mobile technology, have a poor record when it comes to mobile security.
A 2011 report from F-Secure revealed that only 52% of Finnish end users change the native passcode or other security functions found in the mobile devices.
A number of end users will not know how to manage application permissions on their device. Unbeknown to them, some will often compromise their own devices. Even if the native security controls provided by the phone are being followed by the user, there is still a risk of malware.
Blackberry no longer perceived as a target for cyber crime
The type of smartphone you own also affects how secure your personal and business data is.
Windows 8
Windows 8 uses a system known as sandboxing to provide an increased level of security. Sandboxing protects a system by limiting the actions of an application, such as accessing files on a disk or resources over a network.
IOS (iPhone/iPad)
For iPhone users, iOS has a software evaluation process in the App Store but it has been exploited, and some argue it is just as vulnerable as Android if the device has been compromised.
The rest
Symbian and Blackberry have lost their market share significantly over the past three years, so are no longer perceived as interesting targets for cyber crime.
How to protect yourself and your business
You can take some simple steps to minimise the risk of your smartphones being hacked.
Firstly, users should deploy the native security controls within the phone, including changing the default PIN and setting up unlock passcodes.
The most effective way to maintain security is to also back up your device regularly using robust software from reliable, trusted brands.
If you own an Android device, download an anti-virus for extra precaution.
Write down a list of your devices and inform officials/operators in case they are lost or stolen.
Lastly, if you are asked to download or give permission to something you don’t understand or recognise on your phone, then don’t agree to it.
Mobile device management is one of the best tools available today
Mobile Device Management is an effective technology that can mitigate the consequences of a security breach.
Android devices and iPhones can be remotely locked or wiped clean of sensitive data, or even tracked down using geo-location. Windows 8’s sandboxing feature also supports mobile device management.
Better safe than sorry
With mobile devices carrying more and more business critical data, can you afford not to be careful?