Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Data Management

02:27 PM
Connect Directly
Facebook
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

The Latest On Data Security For Mobile Phones

Attacks against financial organizations' servers have been well documented, but mobile devices now are also increasingly under threat.

Financial firms have been increasingly coming under siege from hackers. Intruders earlier this year hacked into Nasdaq's systems, Citigroup, the IMF and The New York Stock Exchange have all been under attack recently, as I note in Wall Street & Technology's upcoming 2012 Outlook issue (which will be out in November).

But while attacks against computers and servers have been well documented, mobile phones have been the forgotten child of data security.

Yet mobile devices are also increasingly coming under attack, particularly as more and more financial organizations allow their employees to bring their own personal mobile devices and use them at work. Today, mobile security has become an urgent concern, if not yet for consumers, for IT departments at the very least.

Few mobile users realize that their smart phones are actual computers, and contain lots of sensitive data ranging from corporate and other passwords, to data found in work emails. Yet cell phones have seen a dramatic rise in "smishing," where attackers send SMS messages with a link attached, urging a user to check out a picture or a game. When clicked, the link downloads malware on the phone and hackers can steal any information residing on your phone, notes Ben Knieff, director of product marketing, NICE Actimize.

Mobile apps have also come under fire: users rarely check out an application developer's credentials before downloading an "app". (I know I never check anything beyond a review when I download an app.) But you really need to see if these apps do what they say they're going to do. These apps could, if left unchecked, download malware on a phone. Android phones, which are more open to developers than Apple iPhones, are particularly at risk.

Today, financial corporations are increasingly putting the same security controls on mobile devices as on laptops, with lengthy passwords and the ability to remotely wipe out information from a stolen device. Some firms are also creating a white list for their employees, only allowing them for example to download five things onto an iPad they use for work, and nothing else, Mark Hansard, VP of security and systems at Virtela says. "But then it's all about enforcement of policies," he notes.

In the meantime, vendors are also experimenting with the opportunities that smart phones provide, including front facing cameras on phones such as the iPhone, which would enable iris recognition as a form of authentication, or finger printing scanners, NICE Actimize's Knieff says.

Other vendors are also coming up with new security solutions for mobile phones. While iPhones have been the target of fewer hack attacks than Android phones, (although there has been evidence of vulnerabilities with PDF files on the iPhone), the New York Times reports that a new vendor called Lookout is introducing an iPhone app that will alert people when their phones are "jailbroken," need software updates, use location services or access unencrypted Wi-Fi networks.

Lookout will also remind iPhone users to plug their phones into their computers to receive software updates, since many usually avoid dealing with this cumbersome, time-consuming and generally annoying task. Unlike Lookout's Android app, the iPhone app will not screen for malware, at least not for now.

Most importantly, smart phone users - myself included - should start using much more care downloading apps, opening applications or joining unencrypted Wi-Fi networks. And even if your company hasn't mandated you to do so (WS&T's parent company, UBM Techweb, which has a Bring Your Own Device policy, just forced us to), set up a secure password too, just like you would for your laptop. Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio

Register for Wall Street & Technology Newsletters
Video
5 Things to Look For Before Accepting Terms & Conditions
5 Things to Look For Before Accepting Terms & Conditions
Is your corporate data at risk? Before uploading sensitive information to cloud services be sure to review these terms.