Slashdot Mirror

← Back to Stories (view on slashdot.org)

Smart Phones "Bigger Security Risk" Than Laptops

Posted by kdawson on from the low-hanging-fruit dept.

CWmike writes "A recent survey of 300 senior IT staff found that 94% fear PDAs present a security risk, surpassing the 88% who highlighted mobile storage devices as a worry. Nearly eight in 10 said laptops were an issue. Only four in 10 had encrypted data on their laptops, and the remainder said the information was 'not worth' protecting. A key danger with PDAs was that over half of IT executives surveyed were 'not bothering' to enter a password when they used their phone. A VP at the company that performed the survey said: 'Companies need to regain control of these devices and the data that they are carrying, or risk finding their investment in securing the enterprise misplaced and woefully inadequate.' Is this just iPhone fear-mongering? Do you think the passwords execs could remember would help with securing PDAs and smart phones?"

7 of 174 comments (clear)

  1. Not surprising by grizdog · · Score: 5, Insightful
    Usually there is a tension between security and convenience/ease of use. Convenience is going to be paramount for most users of mobile phones, PDAs, etc. So security will typically take a hit.

    Remember, people want to use these things while they are driving a car, eating fast food, and listening to a book-on-tape. They don't want no stinkin' security features.

    1. Re:Not surprising by blincoln · · Score: 5, Insightful

      In addition to this point, very few companies (i.e. not Fortune 500's) either have data or IP worth stealing on executive's mobile phones or PDA's.

      The entire content of their inboxes doesn't count as data worth stealing? What about the potential for shorting the company's stock and then using their device to send an email from their account that will make the value drop (if only briefly)?

      --
      "...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
    2. Re:Not surprising by geekmux · · Score: 5, Insightful

      In addition to this point, very few companies (i.e. not Fortune 500's) either have data or IP worth stealing on executive's mobile phones... What it comes down to is those companies that do have sensitive data on their mobile devices probably are large enough to have a competent IT staff capable of locking the device down properly. Er, contacts, sensitive emails, HR data, IP, financial data, contracts, just what exactly does your average CxO NOT deal in? Give me a break man, I mean hell, would YOU hand over YOUR smart phone to a stranger and not think twice about it? Your opinion on the value of data pretty much says it all. And NO, sheer size of a company does not yield "competent" IT staff, trust me on this one...
  2. IT departments securing handhelds by samkass · · Score: 5, Insightful

    The only handhelds allowed to connect to our corporate network are company issued ones, and they come locked down so you have to enter a password after a few minutes of inactivity to do anything except answer the phone. Our laptops come with the whole-disk encryption pre-installed. All external web access goes through the company proxy.

    It's possible to lock it all down instead of live in fear. Of course, there's a fine line between security and stifled innovation. Our company's proxies, by default, blocks blogs, and I have to request that they be unblocked one at a time. Since most of the discussion concerning JSRs for JDK7 development happen through people's blogs, it can seriously slow down the ability to do my job sometimes. But if you want things secure, there are going to be tradeoffs.

    (And if a company laptop doesn't contain ANYTHING worth stealing, the employee should probably be fired for not producing anything worthwhile :) )

    --
    E pluribus unum
  3. If you have physical access by s4ltyd0g · · Score: 3, Insightful

    It's pretty much a done deal. Keep sensitive data on a small device and if you lose it, assume it's compromised. Password or not.

    regards

  4. analog hole by Gothmolly · · Score: 5, Insightful

    I can't carry an iPhone, but I can bring home a file folder full of secrets.
    I can't have a cameraphone because I can 'steal' data, but you let me bring my 250GB laptop home.
    My email is filtered for PPI and dirty words, but you don't filter my Gmail.
    I can't FTP, but I can attach 10 MB files to webmails.

    Build a better mousetrap, and some management school out there will produce a stupider monkey.

    --
    I want to delete my account but Slashdot doesn't allow it.
  5. Re:Nothing to fear from iPhones by Achromatic1978 · · Score: 4, Insightful
    What a complete and total arse you are. How is the iPhone magically more secure than any other phone if it is stolen (a large part of what the article is about).

    How is the iPhone magically invulnerable to wireless issues, as the sister post describes.

    Another fanboy, "Oh no! Someone's perhaps saying something potentially negative about an Apple product! Must rush to defense!"