Concerns about mobile security are among top threats to information confidentiality and integrity, according to quick survey of 2011 "top ten" lists. Unlike human individuals who face the challenges of multiple personality disorder, our mobile computing devices do not experience any associated memory loss as they switch from one "personality" to another. Whether we are using our smart phones for transacting corporate business, checking in with family members, broadcasting our vacation tweets, verifying a patient's health record, or transferring funds, our phones track everything we do. And remember everything.
Therein lies the rub.
Although a smart phone looks like a phone, acts like a phone, and uses a 10-digit identification number like a phone, it is really a sophisticated information repository. It works diligently to broadcast its geographic location back to the service carrier -- and anyone else who cares to listen. It may also quietly send your information back to marketing companies and others as a value-add feature to free or for-pay applications you have downloaded. A fascinating Wall Street Journal investigation of 101 smart phone apps shows that use of these apps is a two-way process. Information recorded on phones, including geophysical location, personally identifiable information (PII), and the phone's unique ID number may be "voluntarily" sent to other companies. Plus, mobile devices are very easy to misplace. The NYPD reports 22,000 mobile devices forgotten in taxis -- per week! Fortunately, I only have to "call myself" once a week or so. (OK, in a good week.)
Meanwhile, a high percentage -- more than 66% -- of employees connect to their corporations' networks using mobile devices, according to a survey by Courion Corporation. 22% of those companies surveyed have investigated information exposure via lost or stolen mobile devices. Juniper Research released a report last month that projected mobile payment growth from $240 billion in 2011 to $670 billion worldwide by 2015. Mobile devices are becoming standard technology in both health care and public safety sectors as well. As we converge our various personae into the convenience of a single device, we need to consider how to control boundaries so that we know, and can decide, which personality is talking -- and to whom.
- 2010 Proofpoint Survey
- Herzig, T. Mobile Devices: 10 Security Tips. Security Agenda (Feb 2011)
- Courion Corporation
Jennifer Kurtz is a technology and economic development consultant currently focused on information security and privacy. She has held appointments at Purdue and Ball State Universities in Indiana and currently teaches graduate courses in information assurance at Regis University in Denver. Her work in telecommunications includes leading Indiana’s statewide broadband infrastructure initiative as Indiana’s eCommerce Director, building and managing the telecommunications infrastructure for Delco Remy International, and co-authoring a 10-year strategic plan for the US Department of the Treasury. She recently wrote a chapter on data leakage prevention for a book published in early 2011 by the American Bar Association, The Data Breach and Encryption Handbook. Her degrees are from The American University and Anderson University.
Connect with Jennifer Kurtz on LinkedIn.
Find out more about the master's degree program in Information Assurance through Regis University's online program. Request more information or call us at 877-820-0581 to speak to an Admissions Advisor.