Mobile devices such as smartphones and tablets are dominating the IT landscape. As of 2014 there are almost 7 billion mobile subscriptions worldwide. Statistics reveal that 85 percent of consumers use the same device for personal and professional purposes, which has caused organizations to face mounting regulatory compliance mandates and security issues.
Currently, it’s estimated that 113 mobile devices are lost or stolen in the U.S. each minute. Most mobile devices contain substantial amounts of sensitive data—both business and personal. In 2013 companies in the U.S. paid an average of $3.5 million per breach (53 percent business sector, 19 percent government). Thirty-five percent of the breaches, resulting in data leakage, were attributed to lost or stolen mobile devices. Effective ways of avoiding the risk of a security breach include updating your mobile software, implementing data access control, utilizing secure data backup, and using encryption.
So, where should you start?
Keep Your Hardware Up-to-Date
Mobile devices are computers with software that need to be kept up-to-date, just like your PC or laptop. Mobile device manufacturers and application vendors regularly issue updates to fix known security and performance issues. It is important to ensure your devices have the latest versions of these updates, including operating system and/or application patches.
Protect Sensitive Information
Adopt the following practices to protect data on your mobile device(s):
- Secure your device using a strong passcode to lock your device.
- Keep your device physically secure while traveling.
- Avoid keeping sensitive data on your device, and when you do store such data, limit the quantity and time it’s maintained on the mobile device.
- Always use encryption when backing up your device.
- Only keep geo location, Bluetooth, and Wi-Fi features on your mobile devices active when you are using them. Be aware that social networking sites may automatically post your location if you have geo location enabled. Learn how to disable the geotagging feature on your phone at http://icanstalku.com/how.php#disable.
- Don’t click on links in emails or text messages unless you trust the sender and were expecting to receive a link from them. As with larger computers, malware, spyware, and phishing attacks against mobile devices are often initiated by clicking on links.
- Be aware of the signs of potential compromise of your mobile device, including decreased device performance, random functions, or calls, texts, or emails to numbers and email addresses you don’t recognize.
- Report your device lost or stolen as soon as you are aware so that you may leverage the remote wipe capabilities to prevent the unauthorized disclosure of data.
Connect with Care
Use common sense when you connect. If you’re online through an unsecured or unprotected network, be cautious about the sites you visit and the information you release.
- Get savvy about Wi-Fi hotspots: Limit the type of business you conduct and adjust the security settings on your device to limit who can access your phone.
- Protect your financial information: When banking and shopping, check to be sure the site is security enabled. Look for Web addresses that begin with “https://” or “shttp://”, which means the site takes extra measures to help secure your information. (“Http://” is not secure.)
- When in doubt, don’t respond. Fraudulent texting, calling, and voicemails are on the rise. Just like email, requests for personal information or for immediate action are almost always a scam.
Protect Others’ Privacy
Adopt the following practices to protect others’ privacy.
- Avoid taking photographs while within the workplace, especially in a health care setting, unless it’s part of an approved operating procedure.
- Obtain permission before taking pictures or videos of others with your mobile device.
- Even with permission to photograph, you may be inadvertently capturing images with sensitive images, text, etc. in the background. Review photographs to ensure potentially sensitive information is not being inadvertently revealed.
For National Cyber Security Awareness Month (NCSAM), the University of Miami Information Technology (UMIT) department will be sharing important information, tips, and resources that focus on different cyber security issues, including cyber crime, mobility, and online safety. This year marks the 11th anniversary of NCSAM, sponsored by the Department of Homeland Security and the National Cyber Security Alliance.
If you have questions or concerns related to this topic, please contact: firstname.lastname@example.org.
When in doubt, immediately call the UMIT Service Desk:
o Coral Gables/Rosenstiel School campuses: 305-284-6565, email@example.com
o Miller School campus: 305-243-5999, firstname.lastname@example.org