Posts Tagged ‘Data Security’

You Can’t Afford This

Sunday, May 24th, 2009
Very Vulnerable!

Very Vulnerable!

With its usual punchy headline, the New York Post announced “Subway Thief Smokes Bacon“. Apparently a thief in the Seventh Avenue subway station stole a Blackberry from actor Kevin Bacon. Bacon tried to chase down the thief in an apparent effort to protect the privacy of those celebrities whose contact information he had stored on the device. In an earlier blog about this issue, I wrote that small business owners cannot be as careless as Hollywood celebrities. Blackberry has a remote data wipe feature – make use of it! Once your Blackberry is lost or stolen, your systems administrator (or you, if you perform that function) can effectively “nuke” the device by remote control – wiping out all sensitive data and completely disabling it. Of course, once that action is taken, it cannot be undone if the Blackberry is subsequently recovered. So I would like to add a few additional tips to my original recommendation.

Although Kevin Bacon immediately began to chase the thief, this will not always be the case. There will always be incidents in which some time elapses between when the device is lost or stolen and when its absence is noted and reported. This leaves you vulnerable for data breaches before you put into effect the remote data wipe. So do not store sensitive banking or credit card information or other passwords on your Blackberry. And encrypt or password-protect your contact database and e-mail messages. A skilled hacker can probably break through this protection, but it is the first line of defense to slow him down before you direct the remote data wipe.

Not a Good Example

Tuesday, March 17th, 2009
Protect it properly

Protect it properly

Celebrities from Paris Hilton to Tom Cruise have experienced invasions of their privacy when their Blackberries were lost or stolen. Police recovered Hilton’s cell phone when the boyfriend of the person who found it attempted to sell it on Craigslist. It is unlikely that the police would go to such trouble to recover Blackberries stolen from small businesses. But then we should never find ourselves in such an embarrassing position anyway. Blackberry has a remote data wipe function that allows your network administrator to wipe out all contact information, e-mail messages and other sensitive data from the device as soon as it is reported lost or stolen. Of course, if the device is subsequently recovered, it is useless, even for reinstallation. It appears that the celebrities who expressed their dismay at their lost or stolen Blackberries were not familar with how to properly set up their cell phones. Learn from their example; the police won’t likely be tracking down your lost PDA. Set the appropriate security for all devices you and your employees.

Dial “C” for Caution

Thursday, February 12th, 2009
Sensitive Data Here

Caution: Sensitive Data Here

We are all sensitive to the need to protect confidential business data on our laptop computers, but have you given any thought to what is stored on your cell phone? Just a few weeks ago a man in New Zealand paid $10 for a used MP3 player and found it preloaded with U.S. military records and personnel data for troops stationed in the Middle East. In December, an old BlackBerry  was sold for $20 at a garage sale of the McCain Presidential Campaign. It was found to be preloaded with sensitive Republican donor information, emails, and more. Unfortunately, incidents such as these, while embarrassing, are all too common. Don’t let them happen at your small business.

Regenersis processed over two million mobile phone handsets in 2008 and last December, during a random sampling of 2,000 recycled mobile phones, found that 99% of them stored sensitive data such as banking information and confidential e-mail messages. The average mobile phone is replaced every 18 months; if you do not clear these handsets of data before you recycle or dispose of them, you may jeopardize the security of your small business. Of course, not all cell phones are recycled or donated once they are removed from service. In the U.S., over 700 million cell phones that are no longer actively used are stockpiled in homes or businesses, which also pose security risks.

Do not rely on the next user or the cell phone recycling firm to purge your data for you. It is safer to invest a minute or two to learn how to do a proper factory reset/hard reset on your phone, remove memory and/or SIM cards, check to make sure everything’s been wiped, and then dispose of your handset.