Security Issues with Smart Phones

Security experts are saying that cyber criminals have
turned their attention to iPhone, BlackBerry, and Droid
devices, which are far more vulnerable than computers.

Our mobile devices are now mini-computers that just happen
to make phone calls.

When employees use smart phones and other mobile devices
to store information and transmit data, a company is
opening the door for hackers.

SECURITY ISSUES WITH SMART PHONES
A. Smart phone encryption technologies are still in their
infancy and are highly dependent on the phone carrier
networks for security.

B. Smart phone web browsers are less secure than their
PC and MAC counterparts.

C. An employee may not know that sensitive data is stored
on the phone.  This becomes a problem when the person gets
a new phone and gives away or sells the old phone.

D. Some companies allow employees to use personal mobile
devices to access data.

E. Hitting the “delete” key doesn’t mean data disappears
from the phone.

HR POINTER: Companies need to take the following measures
to protect sensitive data:
1. Prevent all mobile devices from accessing sensitive
data or standardize the use of operating systems with
company-owned smart phones and laptops.

2. Only allow remote workers access to corporate networks
via a virtual private network (VPN).

3. Use advanced wiping technology to destroy information
when getting rid of a phone.

4. Never use regular e-mail to communicate sensitive data
and only attach encrypted files to emails.

5. Create stronger passwords (e.g., minimum of eight
characters and a mix of letters, symbols, numbers, and
punctuation) that are changed regularly.

6. Only download apps from known or trusted sites.

7. Employ remote wiping or locking services in the event a
smart phone is lost or stolen as these services can erase
data in memory and lock down phones remotely.

While it may be hard to completely protect mobile devices
from sophisticated threats, a company with strong security
practices greatly reduces its liability in the event of a
lawsuit from the loss of sensitive information.

Share With Your Colleagues:
This entry was posted in Tip Of The Week. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *