HWZBB

The only BlackBerry community you will want to be in Singapore. Singapore BlackBerry users, unite!

HWZBB - The only BlackBerry community you will want to be in Singapore. Singapore BlackBerry users, unite!

The Lost Smartphone Experiments

Symantec recently had Scott Wright, a researcher and security coach to conduct a small experiment to see the risks of losing your Smartphone. In this experiment, he “lost” 50 smartphones in a few big cities. Loaded with tracking software, the phones had some made-up personal and corporate data to try and determine what the people who found the phones would access. Carried out in late 2011, the test takes an in-depth look into what really happens when you lose an unsecured smartphone.

The test was carried out in Ottawa Canada, New York City, Wachinton D.C. Los Angeles and the San Francisco Bay Area. The devices were lost in fairly typical places such as malls food courts, elevators, taxis and bus stops. The devices had no passwords securing them making the finders able to access anything they like with ease. Juicy fake corporate documents were also on the devices, containing names like “HR Cases” and “HR Salaries”, what could a good Samarian resist for a little look-see? I should note that trying to gather usable information on such few data points (50) can make for error-ridden results, but will definitely point out general trends in behavior.

Of the 50 smartphones in the test:

  • 48 phones were accessed by their finders
  • 45 phones were accessed for personal data or apps
  • 42 phones were accessed for corporate data or apps
  • 23 phones had their corporate email accessed
  • 35 phones were accessed for both personal and corporate data
  • 25 phones were returned by finding the owner in the address book
  • 26 phones had their “HR Salaries” file accessed
  • 20 phones had their “HR Cases” file accessed
  • 24 phones had their “Remote Admin” app used
  • 36 phones had their photos browsed
  • 21 phones had their online banking app used
  • 30 phones had their social networking apps used
  • 28 phones had their “saved passwords” app used
  • You generally have a 50% chance of your smartphone being returned

What they’re presenting in no more surprising than if someone lost 50 wallets and could somehow track which items were read. Human curiosity is a far cry from corporate espionage or someone desperate enough to look for any valuable secret to sell.

I see articles all the time written about how it’s possible to lift personal payment information from a factory reset/formated used Xbox, or how most photocopiers keep an archive of every thing they’ve ever copied on a hard drive. Thankfully, security is a core element of BlackBerry platform’s design.

This report’s information might be making yourself or the security department of your company sick but do keep in mind, anyone on a BlackBerry running BES can easily have their device locked down with a password and a how-to return message displayed on the lock screen. I also find that BlackBerry Protect gives me total peace of mind as far as security goes. The real risks of data breaches have more to do with the sum of what the data is and who has access to the data.

I like how this test was done, it makes you realize that an unsecured device is no different than a lost pad of paper containing loads of personal details. Thankfully security is a top design priority for BlackBerry smartphones and tablets.

The full report is available here in pdf format.

Image Credit: Gomonews

Category: News!

Leave a Comment

Your email address will not be published. Required fields are marked *

*

Please Verify That You Are Human * Time limit is exhausted. Please reload CAPTCHA.