|Should you encrypt your mobile phone?|
One of the more ubiquitous devices of the modern era is the smartphone. We can do nearly everything on it, and as such it has played a large part in the blurring of the lines between work and life. While this is good for many businesses, many of these devices are largely unsecured, which can lead to problems, especially if the unsecured data is actually sensitive company information. One way to secure devices is through the use of encryption.
Encryption is not a new concept, it’s probably been used since the inception of communication. In standard terms it’s the conversion of data into a form that can’t be easily understood by unauthorized people. This form is commonly referred to as a ciphertext, or more commonly a cipher. Some people will call this a code, as codes are the same idea. Only the form is not meant to be secure and can be understood by other people e.g., binary code, Morse code, etc.
When data is encrypted, it can be sent to recipients, usually using normal transmission methods e.g., Internet or data connections. Upon receipt of the encrypted data, it needs to be decrypted (changed back to normal data). Decryption on mobile, and most computerized devices, is done using a key. This key is an algorithm that can understand both the encryption and normal data. It takes the encrypted data and essentially translates it to a form of data we can read or interact with.
Many businesses go to great lengths to ensure their data is encrypted both within the network, when sent amongst the network, or to trusted recipients outside the network. In a perfect world, all of your connection points – devices that connect to the network – would be secure. In the real world, employees using mobile devices that are unencrypted to store data or access company systems pose a big risk.
Take for example the CEO checking his work email on his own iDevice. Any emails sent between the company’s email server and the phone’s email program will usually be encrypted. However, when an attachment is opened with confidential news about an upcoming merger, a copy is usually downloaded onto the phone’s memory. If the boss hasn’t taken steps to encrypt the mobile device’s memory, and the phone is lost then someone picking up the phone could turn it on and see this information. If the user can understand the information, they could create a ton of trouble for both companies involved.
Another scenario, one that’s becoming more popular, is where the company’s accountant has visited one of the increasingly popular drive-by-malware sites and malware has been installed on an unencrypted phone. The accountant might open work emails and download next quarter’s financial projections, along with a document containing the password to a newly reset work account. The phone’s memory is unencrypted, so the hacker who monitors the malware can come along and grab the information. Now, not only does the hacker have access to the system – through the password – they also have confidential numbers a competitor would likely pay a handsome sum for.
While these situations may seem extreme, they can and have happened. The risks can be minimized though. While the obvious answer to problems like this is to simply bar employees from accessing work systems from mobile devices, this solution runs counter to the way most people work, and will likely be largely ignored by nearly everyone.
The best solution lies in a mixture of different approaches, all centered around a solid mobile device usage plan. You should take steps to first figure out when your employees access office systems using a mobile device, why they are doing this and what are they accessing. From there it’s a good idea to look into security options, vendors like us can help you with this step. It’s also beneficial to establish a use policy that dictates when devices can and can’t be used. Also, utilizing apps to encrypt memory on phones will help. At the very least, it’s a good idea to encourage your employees to use a password on their phone.
Mobile device encryption should be an important part of your company’s security plan. If you’d like to learn more, or implement a security system please contact us as we may have a solution that meets your needs.
|When to use To, BCC and CC|
Writing letters are so last century. Can you remember the last time you actually wrote a letter using pen and paper? For many of us, that would be a very long time ago. We’ve switched almost exclusively to email, and for many this has lead to a communication revolution. While email is fairly simple, there are some finer points that many users fail to master, including the To; CC and BCC field.
|5 benefits of the SSD, may force HDD|
For years, the most common hard drive in use, regardless of user base, has been the hard disk drive (HDD). While it is an incredibly important part of the computer, it’s quickly coming to a point where price and storage capacity will level off. There is another option waiting in the wings; the solid-state drive (SSD), which brings with it some great benefits.
|Who's in charge of your passwords?|
One of the biggest storms in recent memory hit the Eastern US in early November causing widespread destruction. There is always a lesson to learn from events like these, regardless of your location. For businesses, the storm made owners and managers pause and wonder if they are prepared for such a large scale event. They are forgetting to look at the smaller disasters that can be equally devastating. One such potential problem revolves around essential passwords, and who manages them.
|5 advantages that make OS X 10.8 roar|
OS X’s latest version – 10.8 Mountain Lion – has been roaring for almost 10 months and until recently, there wasn’t a ‘new’ OS to compare it with. Now that Windows 8 is out, businesses have the ability to compare both and businesses are increasingly starting to lean more towards OS X, mainly due to ease of use. There are certainly many other advantages to Apple’s platform.