Not a day goes by without a new story about some security screw-up involving a lost or misplaced BlackBerry. This week, officials with John McCain’s campaign mistakenly sold a BlackBerry to a Fox television reporter for $20 in a fire sale.
The device contained confidential campaign information. And many Hollywood gossip publications were abuzz earlier this month with news that Tom Cruise had lost his BlackBerry while promoting a movie in Toronto.
Because of their small size, BlackBerries and other handheld mobile devices have a big chance of being lost or stolen, according to Stewart Wolfe, senior manager advisory services for IT security, asset management and software compliance with KPMG LLP., in Toronto.
“The likelihood of leaving your BlackBerry or PDA powered on or unlocked in the back of a taxi are considerably higher than leaving your laptop in the same state,” Wolfe said. “You must carefully consider what applications you put on the device, what information you store on it, and the business impact if the device falls into the wrong hands.”
The KPMG manager highlighted three major concerns regarding misplaced BlackBerries:
- Theft of a device that has not been password protected
- Unencrypted data stored on the optional memory card
- Malicious applications that try to steal company information
With such security vulnerabilities, little wonder White House officials want President-Elect Barack Obama to relinquish his BlackBerry before taking office.
Are there steps you can take immediately to keep your BlackBerry safe and prevent theft or tampering?
Dan Hoffman, author, mobile security expert and CTO of Columbus, Obio-based SMobile Systems offers five straightforward, easy-to-implement steps to keep your BlackBerry safe.
1) Treat your BlackBerry like a PC
You wouldn’t shop online, open e-mail attachments and check your bank account on your PC without having the proper firewalls, anti-virus and anti-malware protections in place, would you? So, why are you doing it with your BlackBerry? A BlackBerry is a mini computer, said Hoffman.
“The perception that viruses and malware are not a problem on BlackBerries is out dated,” said Hoffman. “The reason we don’t hear about widespread infections is because the nature of malware has changed. Infections used to be done for fun and notoriety. Now these crimes are financially motivated.”
Without software that can scan for problems and update virus definitions, BlackBerries are being quietly infected without their owners even knowing it, said Hoffman. And the creepiest part of that news is that the most popular type malware currently seen on BlackBerries is spyware, according to research from SMobile Systems.
“Spyware can intercept every email and text message that goes in and out of the device. And it can remotely turn on the phone and listen in on conversations,” said Hoffman.
2) Watch your back
Does this sound familiar? You are killing time during a layover in Dallas and are housekeeping on your BlackBerry: Checking and responding to work e-mails, making important work-related calls. Maybe you are even checking your bank account.
“I can’t even tell you how much personal and sensitive information I’ve inadvertently seen or heard over the years because of what people were doing with their mobile devices,” said Hoffman.
Hoffman recounts a recent flight where he sat directly behind a BlackBerry user who was organizing all of his passwords and entry codes.
“I could see everything though the seats,” said Hoffman.
Hoffman’s point? Be discreet. Keep your private information private by taking care of business in a place where prying eyes can’t see. And keep the conversations in front of people to a minimum. Besides risking a potential breach, you also risk annoying your neighbor.
3) Keep it on you!!
This sounds like the most obvious piece of advice, but as Hoffman points out, this is where most of the trouble begins for BlackBerry owners.
“They are small and just left everywhere,” noted Hoffman.
Popular places for slip-ups and loss include bars and restaurants where users place the device on a table or a bar, get into conversation and forget about. This not only opens up the possibility of leaving it behind, but also for theft. Even a temporary theft can be damaging. The bad guy can either obtain sensitive data or install a Trojan horse within a matter of seconds once the device is in hand, said Hoffman.
4) Have a back up
Ok, so you didn’t follow the last step and now you have idea where your BlackBerry is located. What can you do? It depends on if you have prepared for this scenario.
If it’s a corporate device and you work for a company with an enterprise BlackBerry server, contact IT immediately. They can remotely lock or wipe the device. If it is your personal BlackBerry, or if your company doesn’t have that kind of support, consider installing software that gives you this kind of capability. Investing in a program that gives you remote access means you can lock the device so others can’t get into it. You can also back up the information you have stored on the BlackBerry and wipe it clean if you think it is lost permanently.
The investment, said Hoffman, means a lost device is simply a lost device, a piece of hardware. If you act quickly enough, it won’t mean the loss of sensitive corporate data.
5) Utilize encryption
On RIM devices, encryption is there, said Hoffman. Users simply need to activate. But many unfortunately do not.
Five mistakes to avoid for better mobile phone security
With files from Nestor Arellano