Risks of Mobile Phones and Tablets
Theft or loss
Mobile phones, smart phones (phones that support email, documents, and applications) and tablets (such as iPads) are getting fancier and more popular all the time. This makes them a target for theft -- hundreds of thousands of mobile devices are reported lost or stolen each year. A thief could use your wireless access, steal your identity and credit card information, or cause you to pay for a new phone and unauthorized charges on your bill.
These devices are becoming more susceptible to hacks. Attackers exploiting vulnerabilities in the software, by writing viruses and other malware for phones and tablets, can disable your device or expose the data stored on it.
Loopholes in cell phone company security
Some phone companies store your data on their server. Do you trust your phone company to keep your data secure? Phones may not be the best place to store valuable or personal information.
Phone conversations can easily be overheard. Passwords, credit card numbers and other identifiable information may be best discussed in a private place.
If Bluetooth settings are not correctly configured an attacker can retrieve address book, call history and other information from a target phone, or send a virus over a Bluetooth connection. To avoid these problems, simply disable the Bluetooth component until you need it.
Before and After a Device Goes Missing
Protection against loss or theft
There is no guarantee that loss or theft will not happen. Protect your phone by: 1) taking precautions in the hopes that your phone can find its way back to you, or 2) making it too difficult for the thieves to make use of the phone. Learn the steps you can take.
If a phone is lost or stolen:
- File a police report immediately.
- Report the loss as soon as possible to your cellular service provider.
- Have the phone number or account disabled so no further charges can be applied in case the service provider is unable to lock the handset (many US service providers won't disable your phone). Thieves will more likely use your service than sell your phone, especially between the moments they steal it and before you realize it's missing.
- If a phone was stolen that contained sensitive Institute data -- even if it was encrypted or the phone was locked -- contact firstname.lastname@example.org.
- If the phone was insured, contact the insurance agent. Note that theft of mobile devices is not covered by the MIT Insurance program.
Protecting stored data
Consider carefully what information to store on your phone. If it fell into unknown hands, would it cause a disaster? Can you prevent someone from accessing that important information and can you get it back? Precautionary steps you can take:
- Encrypt the data stored on the device. Some phones, like Blackberry smart phones, come packaged with this feature.
- Enable "remote wipe" via Windows Exchange. Learn more.
- Select a strong password (if applicable to your phone) to restrict access to the keypad. Change the password often.
- Keep your phone's operating system and software patched and updated to protect against harmful software, just like you would your regular computer.
You may want to reduce the amount of data on your device or clear the device of data entirely prior to reselling or recycling it. Did you know that some methods of erasing data do not truly delete the files, even though they may appear to be gone? Learn more about removing sensitive data from mobile devices.
Mobile Devices at MIT
You can learn more about mobile phone support and using mobile devices at MIT on the Mobile at MIT site. IS&T currently supports Apple iPhone, Blackberry, and Windows Mobile. For any questions about any of these devices contact the IS&T Help Desk.