Big, bad news for smartphone-centric business owners: there are two major threats that can compromise your device and steal your data. Insurance Journal reports on the research of Accuvant and Bluebox Security, two cyber security firms that found two separate risks that can affect up to 90 percent of smartphones. (For perspective, there are over 2 billion smartphones in use globally.)
Here’s what the researchers found:
- Risk #1: Smartphone management software has a glaring flaw. Don’t get too cocky, iPhone users. This security flaw affects Google Android, Blackberry, and Apple devices alike. Turns out, all these operating systems conform to a weird industry standard that affects how user identities and network connections are managed. This uniform vulnerability may allow hackers to access the device and wreak all manner of havoc on the thing – from installing malware to accessing sensitive data.
- Risk #2: “Fake ID” malware affects 75 percent of older Android devices. Devices running older versions of Android software can be tricked into giving up secure information. Anything that relies on verified “signatures” to access personal data (e.g., Google and Adobe software) can be scammed by these malicious apps.
The good news is that developers across all smartphone platforms are scrambling to strengthen security measures (and Google already overhauled Android’s core software to address the “Fake ID” risks in newer devices). But until they get their metaphorical ducks in a row, you should be aware of how these threats could affect your business.
Is Your Smartphone a Smorgasbord for Hackers?
As a small-business owner alive and well in the digital age, you probably run a significant portion of your business from your smartphone – even if it’s just checking your work email. Your business could be at risk for data breaches if you…
- Have a mobile app for your business that collects user information. As you saw in the first risk above, hackers can exploit a management system vulnerability and swipe your customers’ data. If that happens, you could be sued over the breach. (To learn about creating safe and lucrative mobile apps, read, “Lessons in Mobile Marketing from Madison's Oasis Day Spa.”)
- Access sensitive data on smartphones. Ever check your business’s bank account from your phone? If so, that information could be ripe for the taking.
- Allow employees to use their mobile devices on the secure business network. Some viruses can spread like colds through wireless networks. Let’s say your employee uses an older Android device. If that employee’s device is riddled with malware and they connect to your secure connection, your network could be exposed.
Though it’s worth noting that the smartphone risks the researchers unearthed usually won’t affect average users, your device may need more careful surveillance simply because you use it for business.
How to Use Your Smartphone… Well… Smarter
To keep your smartphone and your data safe, consider implementing the following tips:
- Make sure you have an antivirus plan. You might consider downloading the app Lookout to safeguard your device. It scans apps and detects malware that’s infiltrated your phone. It’s also ideal for BYOD (bring your own device) workplaces, as it allows you to remotely manage and monitor all devices on your network from one dashboard.
- Only download trusted mobile apps. This is especially true if you use a device that allows you to download apps from third-party sources. For instance, Android users should only download apps through Google Play.
- Update apps and software regularly. App and software updates are often developed to patch security vulnerabilities. Be sure to check your device for these updates.
As a final risk management measure, consider carrying Cyber Liability Insurance. This policy can help your business handle the onslaught of bills associated with a data breach, such as the cost of…
- Notifying affected parties about the data theft.
- Identifying and repairing the cause of the breach.
- Implementing PR measures to restore your business’s image after the leak.
- Negotiating with cyber extortionists who hold your data hostage.
To learn more about Cyber Risk Insurance, read, “Cyber Insurance: Why It Matters, Where You’re Exposed.”