Lose Your Cellphone? Odds Are, It’s Going to be Looked Through
What's even scarier, is that a new study finds the majority of people who find lost cellphones can't help themselves and dig through the phones content.
Computer security company, Symantec, placed 50 phones around Washington DC, New York City, Los Angeles, San Francisco and Ottawa, Canada. They placed these phones in locations where they would be easy for people to find and loaded each phone with logging software so they could track whether the people who found the phones snooped or not.
Of the phones found, only 50% of the people who found them made an attempt to locate the owners of the phones (although the phones owners name was clearly visible on the contact file).
96% of the people who found the phones snooped through them.
Of the data accessed on the phones:
- 43 percent checked the banking app.
- 57 percent opened the saved passwords.
- 60 percent snooped at personal emails.
- 72 percent couldn’t resist looking at the file marked “private photos.”
- 80 percent snooped through corporate information including files marked "hr salaries" and "hr cases"
Kevin Haley, head of Symantec's Security Response Team, offers a few tips:
- Use the screen lock feature and make sure that it is secured with a strong password or "draw to unlock" pattern. This is the most basic security precaution and requires minimal effort on the part of the user, yet can provide a critical barrier between personal information and a stranger.
- Use security software specifically designed for smartphones. Such tools can stop hackers and prevent cybercriminals from stealing information or spying on users when using public networks. In addition, security software can often help locate a lost or stolen device and even remotely lock or wipe it.
- When out and about, users should make sure that their mobile devices remain nearby and are never left unattended, being mindful of where they put devices at all times. It is also a good idea to make sure that they can differentiate their device from others that might be sitting in the immediate vicinity by adding distinguishing features, such as a sticker or a case.
He also offered advice for corporations:
- Organizations should develop and enforce strong security policies for employees using mobile devices for work; this includes requiring password-enabled screen locks. Mobile device management and mobile security software can aid in this area.
- Companies should focus on protecting information as opposed to focusing solely on devices—securing information so it is safe no matter where it ends up.
- Educate employees about the risks both online and physical associated with mobile devices, such as the impact of a lost or stolen device.
- Take inventory of the mobile devices connecting to your company's networks; you can't protect and manage what you don't know about.
- Have a formal process in place so that everyone knows what to do if a device is lost or stolen. Mobile device management software can help automate such a process.
- Integrate mobile device security and management into the overall enterprise security and management framework and administer it the same way. In essence, treat mobile devices as the true enterprise endpoints they are.