SaRB for SMO's blog pages contain between 3000-4500 words, as a non-subscribers you only have access to 800-1000 words.

(Reading time: 10 - 19 minutes)

Mobile Device Security for SMOs

Hot

Mobile device security

The first group of mobile devices appeared in the mid-nineties and provided personal organisation applications. These were called PDA’s (short for Personal Digital Assistant), they were a digital version of the Filofax, or diary. There were several of these around until they just fizzled out as an alternative to paper-based diaries or organisers.

This is edited content from Sarb Sembhi and co-host Nick Ioannou. Also in video and podcast media.

 Glossary Terms in this Blog Article - hover to view, click for full glossary.

Introduction

When mobile phones took off, Microsoft created a mobile version of Windows to run on a mobile phone. This offered users an opportunity to connect to Wi-Fi, download apps, receive email, read documents, amongst other things.

"Most Organisations were not ready to deal with opening up their networks to personal devices, but it happened nonetheless."

However, things were still not that interesting for Organisations to consider using mobile devices in large numbers, this changed quickly when devices like the Blackberry, iPod, iPhone and iPad and Samsung deviceswere introduced,because these new breeds of devices created for “Bring Your Own Device (BYOD)into Organisations.Most Organisations were not ready to deal with openingup their networks to personal devices, but it happened nonetheless.

The transition from dumb devices and smart devices brought with it two dominant operating systems(OS) which obscured the othersto an early retirement. These two operating systems very early had realised that to win over users, they had to make the OS as open as possible to application developers, as the more apps that are available would attract more users.

This opening up of the OS was not just the OS, but essentially opening up of user data, in the contact list, in theaccountsusers created, what apps they downloaded, and so many other things, which some big tech took full advantage of. Privacy was the casualty of this OS war to win over customers through applications on the platform.

Security in the OS and the Apps was not even an afterthought, as the OS platform owners themselves collected vast amounts of data without permission. Although, some of this has changed due to legislation (andabelated realisation that taking our data was wrong!) now the OS platform owners seem to be promoting more effective security and privacy.

Over the period of this quick overview, what has happened is that mobile devices can now represent individuals, as they can be used to access allthe services that they subscribe to, pay for things in shops, transfer money to other people and accounts,reset our services via email or messaging, verify who we are (our identity) use electronic tickets to travelon trains and planes,control who gets into their homewhile they may be on the other side of the world, see who is going in and out of their home, control heating and lighting and energy in their home, etc.etc.The list is endless.

Our mobile devices are a representation of us, the more we use them for all the services that are available for them. So, the more applications and services we subscribe to on our mobile devices the more it is capable of becoming us in our absence. Is this risky for Small Organisations?

Attacks to mobile devices

Attacks to mobile devices have existed for many years, and since they first started to use of the devices for so many other functions, services, etc. has made them even more valuable as attack targets - not less.

This is only likely to increase not decrease, given that we already use them to do the following:

  • Store personal data that is not stored anywhere else
  • Store password lists

    This section of the article is only available for our subscribers. Please click here to subscribe to a subscription plan to view this part of the article.

    Default sample Threat Map infographic


    Infographic images are copyright of Virtually Informed, and available to registered users for download during the publication week of the blog article together with other downloadable resources, including: all related infographics on this page, example policy templates, posters, screen savers and much more. 


    Actions and Activities

    Now, on SaRB for SMOs:

    • Help us to help you by completing our short poll on this topic (only available when article is published).
    • Let us know which FAQs you would like us to answer.

    Later, in your Organisation:

    • Complete Board level Policy Review
    • Update Policy
    • Present to the Board for Agreement

    Finally, if you know anyone who could benefit from the information you have viewed, please invite them to register for SaRB for SMOs and share our resources with them.

    Follow-up Resources:

    Virtually Informed Resources:

    • Glossary - at the top of this blog article (link to items).
    • Infographics (Downloadable in the week of publication).
    • Download Items - Policy Templates, etc. (Downloadable in the week of publication).
    • FAQ’s (Available soon).
    • Blog articles (link to items )
    • How To articles (links only available to Premium subscribers).
    • Other content (available soon)

    External Resources:

    • Ponemon Institute Survey
    • Other Survey information

    Images from https://www.pixabay.com.