If one in three houses in your street were left with their front doors open at night would you think their owners were asking for trouble? One in three PDA users keep their PDA’s unprotected by not bothering with passwords which could end with the same dire consequences as keeping their doors open at night.
A bit far fetched you might think but what happens when your unprotected PDA is pick-pocketed to order, lost or stolen and ends up in the wrong hands? Money could be taken out of your bank account, all your personal and business secrets could be breached, your customer databases could be stolen or worse still you could lose your entire identity. According to Home Office Minister Beverley Hughes at a recent Combating Identity Fraud Conference, ID fraud costs the country more than L1.3 billion every year and takes the average victim of identity theft 300 hours to put their records straight.
Here are 20 facts on how people use their PDAs compiled from the PDA Usage Survey 2003 conducted by Pointsec Mobile Technologies.
1. A third do not use passwords to access their PDA – and yet a third use their PDAs to store their passwords.
2. The most common place to lose a PDA or other mobile device is a taxi.
3. The second most common place to lose a PDA or other mobile device is a bar – (too many drunken PDA users maybe?)
4. Forty one percent are now using their PDA to access their corporate network.
5. Fifty seven percent do not encrypt the corporate data held on their PDA.
6. Over 25% of PDA users have lost it at some time.
7. Over half of PDA users don’t bother insuring their PDA against loss.
8. Ninety eight percent do not insure the information held on their PDA.
9. Seventy three percent of companies do not have a specific security policy for mobile devices.
10. Eighty percent of people back-up the information they store on their PDA.
11. Eighty five percent use their PDA as a business diary.
12. Eighty percent us their PDA to store business names and addresses.
13. Seventy nine percent use their PDA to store personal names and addresses.
14. Seventy five percent use their PDA as a personal diary.
15. Forty eight percent use their PDA for entertainment – games/music etc
16. Thirty five percent use their PDA to create documents/spreadsheets.
17. Thirty three percent use their PDA to store passwords/PIN numbers.
18. Thirty two percent use their PDA to receive and view emails.
19. Twenty five percent use their PDA to store bank account details.
20. Twenty five percent use their PDA to store corporate information 25%
These facts show that the PDA is replacing the filing cabinet for many users as they no longer keep their national insurance or bank account details under lock and key at home, but transport this highly confidential information around with them – with many blissfully unaware of the security implications if this information is lost and not adequately protected. Apart from the obvious ramifications of losing their PDA with all their personal and business information on it, if users store customer information they could also be in breach of the Data Protection Act 1998.
Therefore, users should become more security savvy if they are to enjoy the freedom and flexibility provided by mobile computing – they can do this by adhering to a few general principles whereby passwords and possibly encryption are used at all times if the information stored on their PDAs is valuable.
In the general work environment where mobile devices are used, employers should introduce a workable mobile security policy and remember to communicate it regularly to the workplace. They need to carry out regular audits of mobile devices within the organisation and make sure that if staff are using their own mobile devices to store customer information that these are installed with a security system which is compatible with all devices which are centrally managed. Finally users should never be allowed to circumvent these access control systems and companies should always use the most up to date software to defend against know security loopholes.
By creating a mobile security policy an organisation can secure and protect its data while in transit as if they were building Virtual walls and achieving the same physical security measures that would normally be found in an office environment.