The Mobile Security Risk
June 24, 2011
By John Westra, Director of NuWave Government Solutions. From SBAM’s member-only Focus on Small Business magazine.
DANGER!!! Unsecured mobile devices can result in identity theft, data loss and personal embarrassment! Although we may never see a warning label like this on the packaging of our next smart phone or tablet computer, the risk is still very real!
These mobile computing and communication devices are in reality very powerful small computers. Most of these devices have more processing and storage capacity than the first personal computers many of us owned. The response by software vendors has been equally amazing and there are now tens of thousands of mobile applications to choose from; everything from games like Angry Birds to social media, personal development, health management and even mobile banking. In addition to their advanced computing capabilities, these devices come equipped with mobile broadband and/or WiFi communications and GPS functionality that turns them into always-connected, geo-locatable data conduits.
It’s the combination of lots of data, much of it personal in nature, a built-in communications channel to the outside world and the high value of the hardware itself that is turning mobile devices into a prime target for thieves. The worst part is you don’t even have to have your physical device stolen to be robbed!
There is a growing threat from malicious applications or simply poorly written software. These apps can intentionally or by accident, reveal personal and business information such as phone numbers, banking information, health information or whatever other information is stored on the device.
How Risky are Mobile Devices?
To judge the risk you face from this type of data loss, imagine all of the data on your mobile device being printed on sheets of paper and distributed to A) known criminals intent on stealing your identity and any money they can get their hands on or B) the members of your church, business or social club? If the thought of having all of your information distributed like this doesn’t bother you, you probably don’t need to read any further. However, if reading this paragraph made your mouth drop open and created a sudden feeling of dread in the pit of your stomach, read on to find out what you can do to minimize your risks.
This is the easiest and yet most challenging problem for many people to solve. After all, who hasn’t left their cell phone somewhere? Making a point to always put your cell phone back in its case, your pocket or purse is a good habit to keep it from getting lost. Conversely, never set your device down on a public table or counter, where it can be easily forgotten.
Keeping the Snoops Out
All modern mobile devices come with some type of time-out and password “lock” system. Like any other computing platform, you will want to use a password that is random and difficult to guess. If you are using a key-swipe style of password, don’t use an “L” or simple “/” swipe code. The good news is this will deter casual data snoopers. The bad news is it will take a dedicated cyber criminal all of about two minutes to bypass this minor annoyance and access your data.
It’s not just the data that’s on your mobile device that’s at risk if it gets stolen. Most people are now using their mobile devices to access a variety of business and personal online web content. If a criminal gains access to your mobile device and you’ve set up your mobile browser to remember passwords to those sites, it becomes a Pandora’s Box of badness.
To combat this particular risk, we encourage our clients to install a password security management app like LastPass (www.lastpass.com). This was one of the apps we reviewed in a previous article, “Making The Web Work For You.” LastPass and similar password management applications have built in the ability to encrypt all of your mobile web passwords with a single strong password. In the case of LastPass, these passwords are stored securely in the Cloud and synchronized with any device LastPass is installed on, including smart phones, tablets, laptops and desktops.
Malware is classified as any application designed to corrupt, steal or otherwise harm data or harm the underlying hardware. Most of the major antivirus vendors, including Norton, McAffee, AVG and Kaspersky have released either a first generation or BETA version of a mobile security software solution. Initially, these have been released for smart phones, but tablet support, at least in BETA, should be available from at least a few of these vendors, by the time you read this. I use and recommend an application called Lookout (www.mylookout.com), which is available for Android, Blackberry and Windows Mobile devices. These applications will scan for identify and block malware threats.
Backup, Device Location and Remote Lock / Wipe
One of the reasons I like Lookout for mobile security is that it offers additional tools besides anti-malware to help keep your mobile device secure. In practice, a product like Lookout will allow you to A) keep a secure backup of all your mobile information, B) protect your information from malware threats, C) locate your mobile device if you’ve misplaced it or had it stolen and D) in the event you discover your device has been lost or stolen, lock it or wipe it completely.
By following the suggestions and installing the software security apps mentioned above, you will dramatically reduce your risks from the loss or theft of your mobile device. If you are a business that is looking for mobile solutions, including security, please let us know!
John Westra is Director, NuWave Government Solutions. With over 25 years of SMB and government technology and business consulting experience, Westra is currently serving his second elected term as a Trustee in Ada Township.
E-Mail email@example.com or phone (616) 425-8856, Twitter: www.twitter.com/john_westra, Facebook: www.facebook.com/westrajc, Linkedin: www.linkedin.com/in/westrajc.