Member Article

Rise of the smartphone increases business risk

By the end of this year, 174 million people worldwide are predicted to be using a smartphone; a figure which is set to almost double to a staggering 328 million by the end of 2017.

Increasingly, people are using their phones to make work related calls, access their emails, work documents and calendars - indeed, recent research found that more than 47% of all email is now accessed via a mobile device, rather than on a computer. As this usage increases, employers need to become far more savvy than they currently are regarding the data security risks, warns industry expert Julie Pickersgill, operations director for data destruction expert Advanced Digital Dynamics.

As mobile technology becomes ever more sophisticated, losing a phone or tablet, or failing to erase data from an old device, can have long lasting and far reaching consequences – including damage to corporate reputations and hefty fines.

“The biggest mistake we make is that we look upon smart phones simply as a telephone when in fact they are small computers and should be handled as such. Many people don’t realise quite how much data is stored on a mobile device, and that just running the factory reset doesn’t erase the data from the Secure Digital (SD) cards,” says Julie.

She continues: “Data can only be destroyed fully by using specialist software approved by the government’s own information security arm. It’s not simply a question of deleting all your contacts and text messages as accounts that are set up for synchronisation and websites you’ve visited will leave a digital footprint. At ADD we use military grade software to wipe data from all hardware, including phones and tablets.”

Julie suggest that if an organisation provides staff with phones or tablets for business use then they should have a remote working policy in place, which includes information on the acceptable use of the device.

“A mobile phone or tablet is more personal than an office computer and even when they are owned by the organisation, the user will always be the administrator. Therefore it is critical that he or she is fully aware of potential security risks - and most people are just not aware until a loss or theft occurs,” adds Julie.

Julie advises employers and staff to follow some simple steps to minimise the risks of mobile security breaches:

• Phones and tablets have the facility to set a security password so use it. However, don’t use the same password for everything – and put a password on the SIM, not just on the device itself
• Back up your data regularly, so that if you do lose your mobile device, you haven’t lost all your data
• Be aware of how much information can be gleaned from just plugging a smartphone into a PC - everything from web addresses to text message conversations and tweets are saved
• Don’t forget there are different places on a mobile device to save and therefore to destroy data. You may use an SD card for your media, but you may also unwittingly save data to the internal memory as well - both will need checking to ensure data is removed
• Erasing images: many mobile devices use a folder called DCIM for photos. And if you use both the camera app and a third party app there may be a separate folder for this 3rd party app – you need to ensure that images are removed from both
• You can run the factory reset on the phone to erase everything on your phone, but remember to also clear the SD card. For ‘belt and braces’ security then invest in specialist wiping software to ensure that no data can be retrieved
• Make sure you transfer any data you wish to keep onto a PC or other devices.

ADD Ltd provides independent business IT solutions in hardware and software, as well as safe onsite data destruction, lifecycle asset management and disaster recovery. Clients comprise small to medium sized businesses as well as global blue chip companies, NHS Trusts, local authorities and police forces throughout the UK.

This was posted in Bdaily's Members' News section by Julie Pickersgill .