gAtO hEaR- Agiliance and Cisco both predict that Smartphones (cell-Phones) will be the big news for 2012 as related to cyber security hacks and attacks. Mobile devices are the biggest seller as to terminal devices that people use to communicate via cyberspace. Look at the power it gave the “Arab Spring” and others. The problem is that smartPhones have a lot of problems as to personal and company owned, that companies need to be address. Delineation of employer-owned versus employee-owned data for the workplace will become a major step that companies do not yet understand. Who own the data on my personal smartphone if I use it to conduct business. Who makes sure that if I lose my cell phone all company data is encrypted and meets regulatory standards.
employees phone have company IP (intellectual property) BI (business intelligence) and KM (knowledge management)
Cell phone have no embedded strong authentication or secure mobile operating systems. Does my company do vulnerability scanning on my phone to find the newest viruses or is it up to the individual to make sure virus scanning is up to date. On top of all these problems are social networks that are being access via these mobile devices. In social network confidential information about a work and/or project can give the competition an edge. With all the new phone apps is it the employees job to monitor that the new “angry bird” may have access to call others and send them geo-location or how about it send out all your business contact you have in your address book that you sync with the office calendar and corporate email.
Mobile devices will make a big change as companies figure out their employees phone have company IP (intellectual property) BI (business intelligence) and KM (knowledge management) and the aspect of who owns the phone and who owns the data will become a big deal for HR departments worldwide. Smartphones need better security since they are used in business transactions everyday.
Strong authentication for mobile devices is non-existence. How about the ability to scan employee’s phones for viruses, trojan that can infect your companies data center. Remember the employee normally owns the phone so the legality of using personal mobile devices and the security of the company data may need regulatory actions to mitigate compliance. So companies need to know who uses personal mobile devices at work.
If the mobile device is personal your company may not be able to stop employee’s from using it on social media. Social media on these device can allow everyone to know confidential company information to be tweeted anywhere even the competition. Cyber criminals are cruising social networks for your company information for targeted phising attacks and mobile devices are very unsecured.
USCyberLabs.co will handle the other Big 2021 Security issues in future post.