Why Hackers Love your Phone

Why Hackers Love your Phone

July 7th, 2014 by Christopher C. Wright

Spread the word —

Every year scores of Petaluma business owners trade in their phone for upgrades, switch to new carriers, or otherwise ditch their old mobile device. With modern smartphones having access to your corporate email, contact list, and often private files or network access, taking a careful look at how to secure these devices before trading them in is essential for any business owner. Today we examine an essential and often-ignored aspect of protecting your company: mobile security.

In years gone by criminals looking for information on a company’s internal structure, client records, or other confidential information often had to crawl through dumpsters and read thousands of documents, a process made much more time-consuming and difficult by the advent and widespread adoption of paper shredders. Nowadays however most business owners keep enough sensitive information in their pocket to make criminal hearts skip a beat. In addition to the email, private network access, and other communications, enterprising criminals can extract your GPS information, pictures, Google searches, and much more. As technology advances it becomes increasingly easy to pull information off of a recycled or discarded phone, to the point where any technological hobbyist can do it with a little know-how.

How then to secure your information, particularly when trading your phone for a newer model or moving to a new network? With these easy steps you can ensure that you mobile devices are better hardened against criminals who want your information:

Quick Tips on Mobile Security:

  • Encrypt your Data — many open-source and commercial packages exist that can encrypt all or parts of your phone. In most cases strong encryption makes cracking into the phone prohibitively time-consuming, whether your phone has been lost, discarded, or traded in.
  • Always Wipe your Phone — before turning it in to a store or trading your mobile to a reseller, make sure to restore the device to defaults. While not foolproof, this adds an additional layer of protection against those who would try to snoop information off of its internal harddrive, particularly if you have previously encrypted it.
  • Delete All Sensitive Information — even before you wipe the phone, try to delete as much information off of it as possible. In some applications this will overwrite the data with garbage, making sure it is not recoverable.
  • Only Deal with Authorized Retailers — while eBay and other auction sites are awash with individuals offering quick payment for your mobile device, there is no way to verify that they aren’t going to try and snoop your information. Where possible deal with your mobile carrier directly or a retailer that is well-known in the community.
  • Initiate Remote Wipes — for companies using Active Directory and Microsoft Exchange, initiating a remote wipe is a great method to streamline these procedures when trading in multiple phones in the business environment. This should also be done any time an employee reports a phone stolen, even in a BYOD environment.

While having a strong information security plan that is regularly audited is an essential part of protecting your copmany’s resources, clients, and investments, it is imperative that such a plan detail what to do in the case of mobile phone changes; too often we have seen mobile security fall by the wayside when in today’s world it is just as important as having a strong firewall or limited gateway.

Also see our previous article about keeping your data secure while using Public Computers!

Interested in keeping your information out of the hands of criminals and spammers? Call us today at 415.462.6297 and see what MSMB Networks can do for you!

MSMB Networks — Your IT Professionals!

Christopher C. Wright is the CTO of MSMB Networks, focusing on network and system administration, upgrade planning, disaster recovery, and IT budget analysis in Petaluma and all over Sonoma and Marin Counties. With more than fifteen years of hands-on experience, he is committed to educating and protecting his clients, ensuring they receive the best individualized support possible. Email him at christopher@msmbnetworks.com

Spread the word —

Latest Tweets

All future personal tech tweets will be posted at @Tech_Poet – thank you everyone for the support!
I wonder if I should keep using this handle for my personal tech projects and observations, now that MSMB has retired. Thoughts?
I just wrote 3500 words on @meraki hardware and dashboard software, woo! Coming to a blog near you.
RT @EFF: UPDATE: Hours before a scheduled vote on net neutrality, the CA utilities regulator took the item off the agenda: https://t.co/0yV
Make sure to do your Windows Updates; @Microsoft released some important ones this week!
RT @TEDTalks: “We need to build an Internet where privacy is no longer just an option, but the default.” - Andy Yen #TEDGlobal

MSMB Networks

855 Grouse Ln
Petaluma, CA 94954