Posted on 12/26/2016, by Jeremy Edsall
The Smartphone Security Threat
American workers are increasingly using their smartphones to access email and conduct business while they are away from the office, but without proper security measures in place, a lost or stolen smartphone can quickly become a data security nightmare.
Researchers at computer security firm Symantec recently dropped 50 smartphones in high-traffic areas like elevators, shopping malls, and public transit stops to see what happened when someone discovered one of these “lost” smartphones. The phones were loaded with fake business and personal data but also equipped with special software that allowed Symantec to track every action the finder performed on the phone.
Despite having the owner’s contact information conspicuously displayed on the phone’s main screen, only half of the people who discovered the lost smartphone attempted to return it to its owner. What people did instead was make repeated efforts to access the data stored on the phone:
• 72 percent tried to access an app called “Private Photos.”
• 57 percent opened a file named “Saved Passwords.”
• 43 percent attempted to access online banking app
Especially concerning for employers is that more than 80 percent of the time there was also an attempt to access corporate data:
• 53 percent of those who found the phone clicked a file named “HR Salaries.”
• 49 percent tried to access an app called “Remote Admin.”
• 45 percent attempted to access a corporate email client
• 40 percent clicked on “HR Cases.”
Regardless of whether the attempts to access proprietary data were malicious or merely the result of idle curiosity, an unsecured mobile device represents a significant data security liability. Don’t wait for an incident to occur before taking action. Contact Friedman Associates for more information on creating and implementing a formal policy that deals with mobile device security.