smartphone security Archives ⋆ Page 16 of 36 ⋆ Mobile Commerce Press

Tag: smartphone security

FCC requests mobile security changes by wireless providers

Lucy | December 9, 2014

Wireless companies have been asked to begin making the alterations following a device theft study.

While smartphones are incredible and convenient, a recent study on the theft of these devices has caused the FCC to start requesting that mobile security changes be made by wireless companies in order to help to better protect consumers.

Thefts of smartphones have become increasingly common and increasingly devastating to the owners.

As theft is on the rise with smartphones, the FCC has been seeking out ways to provide better mobile security in order to protect consumers when their devices leave their hands and end up in the hands of someone whose intentions aren’t good ones. Earlier in 2014, the FCC created a working group that has been analyzing data on the subject of mobile device theft. Last week, they issued a massive 140 page report on the topic that included a number of key findings about the handling of smartphone theft as well as about its prevention.

This type of mobile security research was a challenging undertaking, as nationwide data has never been made available.

Mobile Security - FCC Report National level data about smartphone theft has never existed before. The data about stolen mobile devices has been broken down into the approximately 18,000 different law enforcement agencies that operate across the United States. This made a notable challenge out of aggregating the data. Conversely, the total number of incidents may not be as high as the best estimates that have been created by consumer advocates. However, there could also be many thefts that have occurred but that have not been reported.

The next challenge that was faced was in terms of discovering what happens to stolen smartphones. Clear data was not available outside of anecdotal evidence, that suggested that a notable proportion of stolen smartphones are resold in countries “that are both geographically and politically remote from the U.S,” said the report from the FCC. This means that the issue of reducing this problem would require considerable international cooperation.

The FCC is now recommending that wireless companies take a number of mobile security steps, which include: making restore/wipe/lock functions a default on all devices sold, add electronic unique identifiers (like fingerprints) for phones to make it harder for thieves to re-flash them, making sure that employees double-check appropriate databases to ensure that new customers aren’t activating previously stolen property, and keeping those databases up to date.

Mobile security policy may not be adequate at Social Security

Denny | October 2, 2014

Many believe that there continues to be exposure to considerable weaknesses with this technology.

The results of a review that was conducted on the mobile security levels through the use of smartphones and tablets by employees of the Social Security Administration (SSA) has revealed that there are considerable weaknesses.

It has been stated that a significant reason that this problem exists is due to the lack of a cohesive policy.

This problem and speculation regarding mobile security at the SSA was identified and published in a report by the Office of the Inspector General. What the Inspector General’s office determined was that the federal agency “did not always conform with federal standards and business best practices to mitigate unauthorized access to the agency’s sensitive information.” It determined that as the use of devices such as tablets and smartphones continues to become more prevalent, this represents a vital weakness.

A serious mobile security gap can exist when many common behaviors are adopted by SSA employees.

While it is true that the use of mobile devices give SSA workers the opportunity to accomplish a great deal more, even when they are not sitting at their desks, there are certain behaviors that are considered to be quite commonplace among private device users that can leave a gaping hole in security when used on a professional level. Among them are the downloading of third party apps, as well as accessing the internet over an unsecure network. This spikes the risk of loss or theft of sensitive data.

Among the tests that were conducted on the security of the mobile device use by SSA employees was the copying of a file by the Inspector General’s office to a mobile device. Though the agency’s own standards would have required that this file encrypt itself automatically, this was not the case during the test.

Equally, among the 17 employees of the SSA that were interviewed in this review process, only half showed that they understood that for mobile security purposes, it was important that their agency-provided devices be used exclusively for official government business. Moreover, not a single one of the people who were interviewed were able to identify a policy that was specifically meant to guide them with regards to the use of these gadgets.