Wednesday, March 6, 2013

Smart Phones, are they really Smart? [InfoSec Perspective]

It was a pleasant night, I was having dinner and I got call from my friend that she lost her Phone! If it was 2005-08 no body would have got panic but this is Droid Age! And I left my dinner half done, to search her lost phone.

How many of you use smart phones? Today you will rarely find some one who is not using Android/WP/Blackberry, smart isn't it? But it's correctly said, with great power comes great responsibility. In case of smart phones it's Responsibility of Protecting the data within them.

Let's take a scenario, when you buy a droid phone the very first step you do is 'Configure Google Account' with the device. By doing so you are downloading your email headers directly on phone, syncing Contacts with/out email IDs, mobile numbers and what not. What is it? It's a data, which holds tremendous value untapped (unless somebody sells it in market!). Most of the people don't realize it unless it falls in wrong hands.
Another scenario, you flaunt your Droid phone with 5/8/12 mega pixel camera with blah blah features and lens. And off course you click 1000s of pics, to hide some candid and *strictly private* photos you make Folders inside Folders and put it [General Case]. These smart phones gives you extra power of storing location of the photos that you have clicked! Great isn't it? But imagine if you lost your phone and somebody copy all your photos on computer and make Great use out of it!

So what to do? Come on I'm not going to suggest you not to use *Smart Phones* but all you need to do is be little smart in order to use one!

My suggestions:

Step 1: Use Invisible Pattern (1000 times better than visible patterns, protects you from shoulder surfing) or pass code to implement basic security to your smart phone.
Step 2: Go for free version Antiviruses that are available in market place, many of them have feature of *Theft Protection* The moment somebody takes out sim card from your mobile and puts another, presetted mobile numbers gets the alert about loss of your mobile, some of them also provides current location of phone!
Step 3: Now a days SD Card Locker apps are available in market for free, do use it. Most of the photos,messages and other app data are stored on SD card. If you apply another layer of security, it'll be hard to retrieve the data & false password try will eventually erase the data on SD Card.
Step 4: RemoteWipe - This is a part of Mobile Device Management (MDM), it's of great help which can erase your data remotely if you happen to loose your phone.

If preventive measures are taken already then it's most likely that you'll worry only about Mobile Device and not the data, if you lose your phone somewhere!

Smart Phones are not Smart without you being it first!


I don't want to claim that implementing above controls will make your phone Risk Free but it'll definitely make it less vulnerable to data theft/loss.

2 comments:

  1. Sweet and Smart approch on Mobile Security. Links to apps mentioned would be appreciated.

    ReplyDelete