Slashdot Mirror
Smart Phones "Bigger Security Risk" Than Laptops
CWmike writes "A recent survey of 300 senior IT staff found that 94% fear PDAs present a security risk, surpassing the 88% who highlighted mobile storage devices as a worry. Nearly eight in 10 said laptops were an issue. Only four in 10 had encrypted data on their laptops, and the remainder said the information was 'not worth' protecting. A key danger with PDAs was that over half of IT executives surveyed were 'not bothering' to enter a password when they used their phone. A VP at the company that performed the survey said: 'Companies need to regain control of these devices and the data that they are carrying, or risk finding their investment in securing the enterprise misplaced and woefully inadequate.' Is this just iPhone fear-mongering? Do you think the passwords execs could remember would help with securing PDAs and smart phones?"
surbey sez know.
How secure is your password?
Some examples of common passwords which I saw on multiple occasions on different client boxes:
typewriter
sex
" " (three spaces)
coffee (a college ICT admin favourite)
manu ("Man United", if the desktop was soccer themed or the client wore a red shirt, chances were this was his password)
horses (no prizes)
swordfish (no prizes)
0000 (if it's anything that requires a 4-digit user pin, such as Bluetooth, this'd be it)
0000000000 (the blanket launch code for the US nuclear arsenal)
Dictionary words, names of favourite family members, spouses, dates of birth... the list is obvious and goes on.
I'll stop there before I hit the combination for Bush's overnight case and really piss someone off (incidentally, it's 111-111)
Operation Guillotine is in effect.
Is this just iPhone fear-mongering?
Of course it is, because the iPhone is the only PDA or SmartPhone in the world... (If you live under an Apple or a Rock.)
I've had users laminate their user name and password to their laptop palm rest. Security of information is great and all, but in the end, the user is the weakest link.
Spelldot - Spelling for nerds, grammar that matters.
Did I stop submitting when the editors started rephrasing all submissions in the form of catchy imbalanced questions?
Tags (experimental): {Yes, Definitely, Sadly, Slashdot+has+become+digg}
If you mod me down, I shall become more powerful than you could possibly imagine.
In each computer desktop, laptop, and smartphone, we installed hardware encryption and a C4 charge with remote 2 tier authentication for detonation. The two tier authentication was introduced after an unfortunate mishap involving our CFO getting his arm blown off while out golfing; it turns out the detonation frequency was a maritime frequency as well.
The C4 will also detonate if a password is entered incorrectly twice. We encourage employees who are "out of it" or even slightly ill to take the day off, and require them to call IT should they ever type their password in wrong once.
We also use an operating system completely built in house with a semi AI running security diagnostics at all times, and we have live people watching the network traffic to the few systems that are actively connected to the internet. Any systems that manage to get infected (to date, none) would also receive the C4 treatment. A bit draconian, but it gets the job done. Our datacenters also have thermite ceilings designed to completely melt down the facility if it comes under attack (three armed guards 24/7 are at the red button, just in case some new tech decides to think about hitting the button.)
Protecting the world has taught us to take our own security seriously. Hopefully, you can learn from these measures and take the proper safeguards for your own facilities and equipment (remember, the answer is always hardware encryption and C4.)
Thank you,
Ortega Starfire
CTO, Hoffman Institute
For The Advancement of Humanity
---- Liquid was a patriot ----
We were in quite a hurry to post this... No time for spellcheck!
"A VP at the company that performed the surbey..."
kdawson: Its spelled "sorbet".