The consequences of a stolen phone

Your wallet is stolen. You wanted to pay for your tall latte and it is gone. You search all of your pockets and looked around, bewildered.

Maybe somebody found it and will hand it to you. No. It’s gone. The nice lady at the counter understands and gives you your coffee anyhow. That’s nice.

 

Cafe Latte (by amenic181 at freedigitalphotos.net)It doesn’t change the fact that your wallet is stolen. In your mind you create a list of everything that is in it. Some money, the tickets for the theater, your bank card and your credit card, some pictures of your children and a business card you got while you bumped into an old friend on your way to the coffee shop.

So now you reach for your phone, you have to call the bank to block your cards, you do not want some punk to get his dirty hands on your salary.

Oh wait and sh@#$%^&*, your phone is gone too…

In a recent white paper of the Atos Scientific Community the security aspects of mobile devices is addressed , as well as other aspects in the management of devices in the new bring-your-own-device concept that is being allowed by many companies and full heartedly embraced by employees.

The quotes below are from that white paper.

“Enterprise Mobile Management solutions currently available in the market address different aspects of BYO. Balancing those with network & access as well as data and applications usage will pave the way for a successful BYO implementation…”

Ok. It is gone, you do a quick mental inventory of what is on your phone.

Access to your personal and business email, Twitter and Facebook account. Your contact list of about 400 people with their email addresses, home addresses and telephone number included. On top of that access to your DropBox account with all the info on a recent bid and the complete cost break down of all products.

And because you have a new NFC enabled phone, your credit card is also in digital format on your phone. Now what?

“The key area to support BYO in 2016 will be tablets and their descendants (e.g. wearable computers), along with smartphones. We see these as the two key device segments.”

The white paper does not only cover this case of a stolen phone – it goes into all measures you can take if you adopt the bring-your-own-device scenario in your company.

What to do with applications, data and network access; all these aspects are clearly explained and some best practices are listed for any CxO that is looking into this.

“Security in such dynamic environments as BYO must be built on the assumption that anyone or any device may get access to the data, but that only authorized users should be able to use it for the intended and agreed purpose, and under a defined context.”

“Sir? Is this yours?” When you turn around you see a nice person holding up both your phone and wallet – you start breathing again.

At the same time you think about what you could do to avert the disaster that did not happen this time.

 

 


This blog post was previously published at http://blog.atos.net/blog/2013/06/24/watch-this-space-the-consequences-of-a-stolen-phone/


Choose your friends wisely

Sharing your personal information with the founders of FaceBook, MySpacePinterest, Friendster, Twitter and LinkedIn is probably something you would think about twice. The association of your private stuff with each of these networks is something you want to take very seriously.

There is an interesting tension between social networks and the concept of Privacy. Not only because some people will share what others will want to keep a secret; also because the social networks love to know more about you and continuously challenge your boundaries.

Let’s face it (pun intended) – the more you share, the more traffic you generate, the more money they make. It is that simple. So when social networks need to ‘take their responsibility’, they are acting against their nature (remember the story of the scorpion that wanted to cross the river?).

“If you are not paying for a product, you are the product being sold”

This tension between your privacy and their business model is described in detail in a recent whitepaper by the Atos Scientific Community (find it here) and they conclude:

“Social networking sites have been traditionally reluctant to take into consideration the data privacy concerns brought up by users and public authorities.”

The paper continues to look into the legal aspects of this subject and describes how we are dealing with the challenge of privacy in social networks. Several examples are cited and explained against the existing rules in Europe and the US.

In addition the paper goes beyond the legal aspects and also explores the technical aspects of privacy in social networks. Most interesting is their observation that there is not a single technology that will support the need for privacy:

“Privacy needs, inside and outside social networks, are quite different and should be tackled using specifically tailored technologies.”

You can imagine that privacy related to personal finance, banking information or on the other hand your holiday pictures are totally different datasets that need a different approach. The whitepaper shows this and explains how a difference can be made; it even explores the possibility of a ‘safe’ social network.

A full analysis is done of several technologies that can support a safer social network and allow for better control by the end-user. Also a word of caution is expressed by the authors on the possibilities of cross authorizing using for example your Facebook account log in on other sites.

Finally the observation is that the social networking domain, in which vendors and end-users struggle to get a grip on privacy, is in fact not ignoring the issue. So there is hope – but that does not change the fact you still need to think twice before you hit ‘Like’.


This blog post is a repost of http://blog.atos.net/sc/2012/10/08/watch-this-space-choose-your-friends-wisely/