SaRB for SMO's blog pages contain between 3000-4500 words, as a non-subscribers you only have access to 800-1000 words.

(Reading time: 9 - 18 minutes)

Mobile Device Security for SMOs

Hot

Mobile device security

The first group of mobile devices appeared in the mid-nineties and provided personal organisation applications. These were called PDA’s (short for Personal Digital Assistant), they were a digital version of the Filofax, or diary. There were several of these around until they just fizzled out as an alternative to paper-based diaries or organisers.

This is edited content from Sarb Sembhi and co-host Nick Ioannou. Also in video and podcast media.

Introduction

When mobile phones took off, Microsoft created a mobile version of Windows to run on a mobile phone. This offered users an opportunity to connect to Wi-Fi, download apps, receive email, read documents, amongst other things.

"Most Organisations were not ready to deal with opening up their networks to personal devices, but it happened nonetheless."

However, things were still not that interesting for Organisations to consider using mobile devices in large numbers, this changed quickly when devices like the Blackberry, iPod, iPhone and iPad and Samsung deviceswere introduced,because these new breeds of devices created for “Bring Your Own Device (BYOD)into Organisations.Most Organisations were not ready to deal with openingup their networks to personal devices, but it happened nonetheless.

The transition from dumb devices and smart devices brought with it two dominant operating systems(OS) which obscured the othersto an early retirement. These two operating systems very early had realised that to win over users, they had to make the OS as open as possible to application developers, as the more apps that are available would attract more users.

This opening up of the OS was not just the OS, but essentially opening up of user data, in the contact list, in theaccountsusers created, what apps they downloaded, and so many other things, which some big tech took full advantage of. Privacy was the casualty of this OS war to win over customers through applications on the platform.

Security in the OS and the Apps was not even an afterthought, as the OS platform owners themselves collected vast amounts of data without permission. Although, some of this has changed due to legislation (andabelated realisation that taking our data was wrong!) now the OS platform owners seem to be promoting more effective security and privacy.

Over the period of this quick overview, what has happened is that mobile devices can now represent individuals, as they can be used to access allthe services that they subscribe to, pay for things in shops, transfer money to other people and accounts,reset our services via email or messaging, verify who we are (our identity) use electronic tickets to travelon trains and planes,control who gets into their homewhile they may be on the other side of the world, see who is going in and out of their home, control heating and lighting and energy in their home, etc.etc.The list is endless.

Our mobile devices are a representation of us, the more we use them for all the services that are available for them. So, the more applications and services we subscribe to on our mobile devices the more it is capable of becoming us in our absence. Is this risky for Small Organisations?

Attacks to mobile devices

Attacks to mobile devices have existed for many years, and since they first started to use of the devices for so many other functions, services, etc. has made them even more valuable as attack targets - not less.

This is only likely to increase not decrease, given that we already use them to do the following:

  • Store personal data that is not stored anywhere else
  • Store password lists

    This section of the article is only available for our subscribers. Please click here to subscribe to a subscription plan to view this part of the article.