Today, many people work with/on their smartphones, tablets and laptops. A large proportion of these are also out of the office on travel and/or from their home.
Many companies also want their employees to bring their own equipment such as tablets, smart phones and so on. Not only can these companies break the law, but they open themselves up to a whole host of security flaws. These are popularly called BYOD, BYOT, BYOP or BYOPC. Whatever you choose to call it, we call it risky!
We at Paranoid Mind has compiled a summary list of some of the many risks and explanation on some of the threats that may exist against today’s smartphones, tablets and laptops. An explanation of words and expressions are available by moving the mouse over a word or go to the dictionary that is linked in the menu above.
Malware – is program code that usually comes in to your phone, or any other technical device, via software that appears to be something else. For example, an app that looks like a well-known app but that is free.
- Gathers information
- Steals information
- Destroys information
- Collected information is sold
Information in this context include, amongst other things,
- Trade Secrets
- Personal Information
- Contact Details
- Customer Data
It is difficult to avoid something you do not know you should avoid. Therefore, it is much easier for uneducated/uninformed employees to be exposed to above-mentioned malware and also:
- Wifi Hijacking
- Open Hotspot
- Bluetooth Snooping
- Hidden URLs/QR-code
- Bad Apps
- Minute Attack
- Message Forwarding
- Remote App Installation
Rarer, but still a risk, are attacks such as
For example, biotechnology companies, and other research-intensive companies, has invested many millions, sometimes billions, in their research. This research database can then with relative ease be erased or sold to a not so scrupulous competitor. There is big business in the art of IT-security. More so for the IT-security people operating on the other side of the law. Therefore it is important that staff is trained/informed and each new employee has access to information and a policy informing them about the IT security functions in the company and what is allowed and not allowed. That way you reduce the risk that the company loses money, information, and/or prestige. Usually costs the loss of information if far greater than the investment in a well-informed staff and checked IT-system. Remember that eyes from the outside often see more than the local staff since they can be “home blind”.
Do you know the, or even have a, policy if a phone is stolen?
Do you know if someone has taken home the customer database on a USB stick to work at home?
What to do if your home computer/smartphone/USB stick with the customer database are stolen?