Does your company employ a Jeff, Nick, Todd or Tom? To guard against data theft, employ a mobile device management solution from Aglet Technology. In St. Louis, call 314.200.8995 for a comprehensive IT audit.
Jeff is a high level employee. Jeff receives hundreds of emails a day some of them containing sensitive personal data. To ensure he stays up to date, Jeff has IT configure his smartphone to receive his email. On one of his many business trips, Jeff hops into a cab, with bags, briefcase, tablet and wallet in his hand. Jeff sets his phone down for a minute to pay the driver and retrieve his belongings. As the cab pulls away Jeff rearranges and reaches for his phone. He quickly discovers he left it in the seat of the cab that is now lost in a sea of yellow cars. The driver, none the wiser, picks up another passenger and to their delight sitting in the seat waiting for them like a present is a shiny new phone. Instantly, all that email is at their fingertips. It could take hours for Jeff to get the phone turned off, meanwhile, his email and data could be forwarded or posted online.
About 3.1 million American consumers were victims of smart phone theft in 2013, Consumer Reports projects, based on our latest nationally representative survey of adult Internet users. That’s nearly double the number we previously projected had been stolen during 2012. The survey also projects that 1.4 million smart phones were lost and never recovered last year.
Nick is an unhappy employee. Nick feels he is not being treated fairly or paid properly. Rather than voice his frustrations Nick embarks on a personal mission. He is going to capitalize on the data he has access to, but he does not want to face criminal or civil litigation. Because Nick can access the company repository via an app on his phone he begins taking screen shots of valuable data he can use to leverage a competing company for a generous salary. Saving the pictures to his personal phone he may not be violating any policies and there is no overt malicious activity.
In another instance, Nick is present in a strategic meeting which he enters harmlessly toying with his phone. Nick is actually turning on his microphone to record the entire meeting. Now Nick has compiled a virtual library of key data that he can send without ever raising suspicion.
NSA Director General Keith Alexander called cyber-espionage “the greatest transfer of wealth in history.“ Symantec places the cost of intellectual property theft for U.S. economy at $250 billion a year, with cybercrime a further $114 billion annually. Meanwhile, McAfee provides an estimate encompassing global remediation costs to total a staggering $1 trillion per annum.
A recent study on cyber-espionage has demonstrated that more than 200 families of malware have been designed and used to spy on government and corporate representatives.We have assisted the diffusion of new agents that work inbotnet architectures, as new variants – designed especially for mobile devices – are specifically developed for selected targets.
Todd is the go to guy in the office for anything technical, he is up on all the trends and is the first to have the next big thing. Todd has a plethora of devices and knows all kinds of neat tips and tricks. Although Todd does not have any formal IT training or certifications he has a thorough understanding of how IT works. After watching a few YoutTube videos, Todd comes into the office one day bragging about how he has changed the native functions of his cell phone with cool designs and screensavers. He got a series of “yet unreleased” apps and loves showing them off. Even offering to help others in the office achieve the same thing.
What Todd and your IT department do not realize is that Todd unwittingly has downloaded a series of malicious tools and applications thus making Todd a hackers new best friend. When his battery is running low Todd plugs his device into his company computer to charge it. Those applications and hackers now have established a direct connection to your internal network. Circumventing traditional controls such as firewalls. The tools and applications run “silently” in the background so no one would know what was really going on.
Tom is a mid-level employee, loyal and hard working. Tom takes his tablet to work each day to enjoy during lunch. He hops on the company Wi-Fi to read the latest headlines and check Facebook. Tom would never do anything malicious. However, at night when Tom goes home he lets his children use his tablet. They play games and watch videos. During one of these games the child clicks on a link to download a new level. This link is not a new level but rather a malicious program that is phishing the device for stored credentials and activity logs. Not noticing anything different other than a frustrated child who thought they were getting the next great conquest, Tom continues his routine of using the device at work. Now there is a compromised device accessing your company’s vital data–making it a virtual playground for a dedicated hacker waiting for the opportunity. Once they have access they are free to contact servers, other machines, and sensitive data.
According to a recent Arxan study 90% of Android retail mobile apps and 35% of Apple iOS retail mobile apps have been duplicated and published to secondary app stores by hackers seeking to disrupt retailers mobile activities or collect confidential customer information that can be used to make fraudulent transactions. Hackers can duplicate an app and insert malicious code that, for example, collects data an unwitting user types – network credentials, for instance – and transmits that data to the hackers.