With its ability to bring the office anywhere, mobile technology seems like an entrepreneur?s dream come true.
?
But few business owners realize how quickly the dream can turn into a nightmare if they don?t protect their data on-the-go.
?
According to a 2011 Consumer Report survey, only 20 per cent of mobile phone owners in the United States password protect their devices.
?
?Information assets represent most of the value of every company that exists today,? says Claudio Popa, an author of two books on information security and president and CEO of the Toronto-based Informatica Corporation, which specializes in data protection. Businesses need to be concerned, ?anytime any sort of classified information leaves the confines of their networked perimeter,? he says.
?
That means the increased use of wireless networking and BYOD, short for bring your own device ? company policies that let employees? use their own mobile technology at work ? can be major risks.
?
But the benefits of mobile technology far outweigh potential pitfalls. So Popa says small business owners should utilize all the technology out there, but do so safely, while creating safeguards for the protection of both their information and client data.
?
This means businesses should be on guard, he says, ?any time personal information is shared in a mobile setting.?
?
The biggest risk is a simple one ? lost phones.
?
According to a 2011 PCWorld article, most thefts occur when phones are left in a highly visible location, such as an open bag or tabletop, while in a public area. There?s little that can be done to change the human element behind this problem ? even computer-giant Apple was forced to learn a hard lesson in 2010 when one of its iPhone prototypes was lost and ended up in the hands of tech blog Gizmodo. Still, precautions, in the form of password protection or apps for remotely wiping data, can be taken to protect sensitive information, if not physical devices themselves.
?
But the growing popularity of smartphones is raising concerns about a more virulent problem ? malware infiltration.
?
A 2012 study commissioned by the Canadian Wireless Telecommunications Association found 98 per cent of businesses that supply employees with mobile phones don?t place any restrictions on downloading programs.? But malicious apps are hard to detect and can cause a host of problems ? viruses exist that can log a user?s key strokes, take control of microphones and cameras, and even track a device?s location using GPS.
?
Phishing, a term that refers to the practice of tricking people to reveal personal information to a fraudulent source, is another major threat. According to a 2009 Statistics Canada study, four out of 10 Internet users reported experiencing at least one phishing attempt. That amount increased to nearly two-thirds for survey respondents who made online purchases at least once a week.
?
It?s an easy enough process. Hackers setup login screens that imitate popular social network or ecommerce sites and send out links to the unsuspecting public. If users enter their? passwords on the spoof screens, attackers have their login information recorded.
?
And sometimes, users don?t have even have to download or login for their information to become compromised. Public wifi is? notoriously insecure, and programs exist that allow hackers to monitor the data tansfered between hotspots and any user accessing them.
?
The enormity of the problem is difficult to quantify, says Popa.
?
?The issue with mobile security breaches is that we are still seeing these devices in their infancy,? he explains. The newer the device, the more difficult it is to detect security weaknesses.
?
But, there are ways to fight against security breaches on mobile devices, and most methods are straightforward, inexpensive, and effective.
?
ENCRYPTION
?
Employ data encryption ? basically scrambling data so only those with proper tools, or ?keys? can unscramble it ? to ensure confidentiality, and apply it to not only devices but also their attachments, such as internal memory cards. iPhones encrypt outgoing messages automatically, while apps like Cellcrypt Mobile protect phone calls, and WhisperCore 0.5 is an effective program for shielding data stored on Android devices.
?
PASSWORDS
?
Introduce passwords on all of your mobile devices to block access to anyone who isn?t an intended user. Use a combination of letters, numbers and punctuation to make them as strong as possible.
?
CHANGE DEFAULTS
?
?Default settings are basically open so that the use of the device is very flexible in a variety of different environments,? says Popa, adding that this flexibility equals insecurity. For example, a major vulnerability of the 4S iPhone is that its Siri command system, which is designed to recognize any voice, can be accessed to send emails and texts even when the phone is locked. According to Apple, activating the phone?s password lock and turning off Siri access in its settings easily fixes the problem. Defaults are different for every device, so check with your provider for possible vulnerabilities.
?
BACKUP
?
Establish a regular backup routine to keep a copy of your data in case a device is lost or needs to be wiped remotely. Many programs, including iTunes, can automatically back up mobile devices whenever they?re plugged into a computer.
?
UNNECESSARY SOFTWARE
?
?Every piece of software increases the chance of the device being breached,? says Popa. In other words, any software not being used for business should be removed. And, Popa says, entrepreneurs should act proactively by educating employees on the problem and reminding them to avoid unnecessary downloads.
?
MOBILE DEVICE POLICIES
?
Popa urges businesses to set mobile device policies that identify different employee groups and their technology uses, as well as what kinds of data they need to access and what programs or apps they require.
?
These policies should determine whether employees can download software on their own,? define the acceptable use of company technology (including whether it can be used on public wifi hotspots), and identify what BYOD devices are supported. It?s also important to decide whether to manage mobile security in-house or by contracting out to external experts, and to consider how policies are enforced and relayed to employees. Popa also recommends double-checking implementation with an outside expert to ensure there aren?t any security holes.
?
PROGRAMS FOR PROTECTION
?
Mobile device security products range in scope and cost. Many have moved to cloud technologies and provide a wide array of services. Apple?s iCloud, for example, offers a freeFind myPhone app that allows users to track a lost phone?s location, and, if necessary, wipe its contents.
?
For BlackBerry customers,BlackBerryProtect comes pre-installed and provides a phone locator and data wiping, plus information backup, user data encryption and the ability to manage several phones from one I.D. account.
?
LookoutSecurityandAntivirus offers protection for iOS and Android mobile devices with GPS tracking, antivirus protection and data backup. The basic version is free, and a premium version offers remote lock and wipe services, protection while web surfing, and protection against phishing for just under US$30 a year. McAfee, another well-known name in the security business, offers a similar servicefor roughly the same amount.
?
But entrepreneurs looking for more comprehensive protection should opt for services like Symantec MobileManagement, which offers everything from policy controls for passwords to cross-platform management of mobile devices.
?
Popa says it?s critical to implement these programs and strategies before problems occur.
?
?The only solution is prevention,? he says, adding that breaches are often extremely expensive, and that ?once information goes out, it can?t come back.?
Source: http://www.starbusinessclub.ca/sponsor/white-paper-sponsors/mobile-security/
hook troy miracle andy whitfield kennedy demi moore roy oswalt
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.