Portable devices are a major risk for corporate data breach
Many cyber criminals have recently turned their attention away from corporate networks toward more vulnerable smartphones and tablets. Smartphones and tablets frequently hold client information such as phone numbers, mailing addresses, email addresses, confidential documents, and email correspondence. This information is prized by cyber criminals because it can be used to break into corporate networks.
Spy software, which will allow hackers to program them to send confidential information back to hacker control websites, can also be implanted onto these devices.
Bringing risks to the office
“Bring your own device” corporate policies mean that personally owned smartphones and tablets are being connected to corporate networks. This has frequently resulted in the unintended release of confidential information. Blackberries have always had strong enterprise-level security features. However, their use has diminished as they are being replaced by iPhones, iPads and Androids, which are not as secure. Androids have been especially susceptible.
Risk management techniques that can be implemented
- Data encryption: Most android phones don’t have native data encryption. As a result, third-party applications must be relied upon.
- Password improvements: Many mobile devices do not activate password protection features or they are too weak.
- Remote Wipe Capabilities: Most smart phones have the capability to wipe the data clean the device is lost or stolen.
- Network Intrusion Software: Logs should be regularly checked to detect unauthorized intrusions.
In addition to the implementation of risk management techniques, Cyber Liability insurance should be purchased. The cost for coverage is expected to decrease rapidly for smaller businesses as Cyber Liability endorsements may be added to Business Owners Policies at greatly reduced rates.
Source: “The Spy Who Robbed Me,” Insurance Journal, October 8, 2012.