jump to navigation

Small, Devastating Devices December 8, 2013

Posted by Jiaqi Wu in Security.

One of my colleagues told me a story. He said he hates the iPhone.

“But why?” I ask. “Imagine how much easier your life has become because of the iPhone.”

“Let me tell you. We used to submit reports in the evenings right before we went home. Some nights I would be up late writing up a report and submit it by around midnight. Then my boss would get around to reading it and give me feedback after lunch the next day. That gave me some breathing room to relax in the morning and get into work a little later since I was burning the midnight oil the night before. However in 2007 when the iPhone came out, that’s when everything changed! I would wake up and see replies from my boss at 9am with the little ‘Sent from my iPhone’ signature. That means I have to go to work immediately to fix my assignments. I hate the iPhone!” he explained.

Imagine in all the companies in the world how many people view sensitive emails on their iPhones in the morning right after they wake up, in a car ride, or on public transportation. It is incredibly easy lose a device especially since phones keep getting thinner. Basic security features need to be available on all corporate phones. It is without question that passcode protection is the bare minimum. Such a basic piece of security will prevent a large percentage of people from being able to discover sensitive information.

The other methods for protecting a corporations assets include

  • limiting company services accessible via mobile
  • limiting apps available on the device
  • bluetooth management
  • lost phone hotline
  • antivirus software

Although these methods can be effective, they can also cause severe annoyance to the employee. One that especially interferes with the comfort of the user is limiting apps available. I was given an iPhone 5 for work and it is mostly unrestricted. There are some security profiles enabled which force the use of a passcode however most of the features on the phone still function. If some of the security policies above are implemented, my appreciation of the device would be greatly reduced.

Many of the subjects that we have covered in this seminar are different from the subjects of mobile security. In the articles listed for this week, the subjects have mostly been about process oriented techniques to ensure secure computing. The subjects we covered in class the last semester have been around many highly technical subjects such as buffer overflow which do not necessarily pertain to the mobile security domain quite as prominently.



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: