SlideShare a Scribd company logo
1 of 3
Download to read offline
COVER STORY




                                      CORPORATE POLICY


                                                 CONTACTS




                                                                CELL DATA

                                      By Z. Kelly Queijo




                                      Rough Edges
                                      Policy pointers that smooth risk of travelers’ cell phones.
                                      You’ve heard it before: “My cell phone is           According to David Schofield, direc-        conference bridges are immediately
                                      my life!” The speaker could be a drama-        tor of wireless mobility at AlsbridgeTAG,        changed.
                                      queen teenager whose cell phone privileges     “Security is a growing concern as regula-             Contact notes, personal numbers and
                                      have just been revoked. But when spoken        tion mostly looks to paper trails. Now IT        account information could be revealed
                                      by a business traveler, these words more       has to follow the vapor trail. The ability to    should the person want to probe into the
                                      carry weight and represent a deep level of     replicate deleted data from handheld             memory of the device. “Internal damage is
                                      responsibility.                                devices and forensic reconstruction are          one thing,” says Schofield, “negligent
                                           A typical business traveler’s mobile      becoming a big part of corporate protec-         release of client information becomes
Business Travel Executive JULY 2010




                                      phone stores contacts, appointments,           tion against espionage internally and            something completely different.”
                                      email, and perhaps even other sensitive        externally.”
                                      information such bank account numbers,              Or imagine this scenario: a sales man-      Triple Locked
                                      social security numbers and corporate          ager loses his handheld device and the per-      For serial business traveler Peter
                                      data. Loss of any of this information can      son who finds it now has access to the           Shankman, founder of Help-A-Reporter-
                                      present risks that not only compromise         sales manager’s calendar. In that calendar       Out, who claims to sleep in hotel beds
                                      traveler’s personal identity, but are also     are internal strategy, pricing or client meet-   more often than in his bed at home, his
                                      security risks for his employer.               ings. The person who found the phone             mobile phone and laptop are critically
                                           Just how bad is it if a traveler’s cell   could potentially attend any of those calls      important to his day-to-day work. Given
                                      phone falls into the wrong hands?              undiscovered unless the sales manager            that, Shankman takes protecting his data
                                           Probably worse than you imagine.          notifies corporate and all the standing          and devices seriously. “All devices, lap-


24
tops, and iPads have passwords. In addi-
tion, I do a physical check of where my
stuff is as often as is possible.”
                                               You Are Here                               Checking-in - it’s what business travelers
                                                                                          do when they finally make it to their desti-
     One backup is not enough for              nation whether it be a hotel, conference, or trade show. They check in to let some-
Shankman. Three is better. He routinely        one know they have arrived. Usually that person is whoever happens to be working
copies his data to a backup drive, a hard      the reservation desk at that particular moment. However, in March 2009, “checking-in”
drive at home, and a cloud drive some-
                                               took on a entirely new meaning with the arrival of the location-based social networking
where in “said” cloud — and yet, even this
                                               (LBS) tool known as “Foursquare.”
is not entirely sufficient. Shankman also
stores his most important documents on an           Unveiled at the South by South West (SXSW) technology conference, Foursquare
encrypted web site separate from his per-      was one of the first companies to build upon the status messaging tool where users
                                               answer the question “What are you doing?” that Twitter launched in 2006. Upon the
  It’s easy to break into a                    arrival of Foursquare, the question became “What are you doing and where are you
                                               doing it?”
 cell phone using parental                          Other similar tools such as Gowalla, Brightkite and WeReward have emerged, each
control software. ‘A hacker                    with a slightly different twist regarding the “what.”
                                                    But they kept the “where.”
need only know the model                            This concept of geolocation updates, allows any smartphone user to post a mes-
                                               sage through Foursquare (or similar tool) to any or all designated social networks or
of your phone, your phone
                                               friends groups stating they have just “checked-in” to a particular establishment or
   number, and carrier to                      location.
                                                    Check-ins seems innocent enough given their game-like environment — users earn
         gain access.’
                                               badges or points as rewards for checking in to the same place repeatedly. The user who
                                               checks in often enough earns the status of “mayor” of that establishment, only to be
sonal and corporate sites. “If I’m trapped
                                               ousted by the next person who checks-in more frequently.
in a foreign country, I can login, download
my passport, and hopefully get home.”               For businesses, the opportunities to take advantage of geolocation marketing and
      To the corporate security officer        tracking are unlimited. In fact, LBS messages are the ultimate in word-of-mouth market-
(CSO), the threat to data integrity on cor-    ing tools and are a terrific way to bring people together in public settings such as con-
porate systems is the same whether the         ference. A tweeted text message inviting attendees to the hospitality suite sure beats
threat originates from a computer used by      the printed invitation stuck somewhere in the bottom of the conference goody bag left
a hacker or from a smartphone: someone         in the hotel room.
from the outside wants in. According to
                                                    Think before you tweet
Randy Marchany, information technology
                                                    According to Ann Handley, chief content officer for MarketingProfs, event produc-
security officer for Virginia Tech, the two
biggest risks he sees are sensitive data       ers are definitely looking at Foursquare and other location-based networking these LBS
breaches and password compromises.             tools as yet another way to connect and engage with attendees. “It’s is a no-brainer for
“Corporate execs love to read their email      in-person events because of ... well, the location-specific nature of the shared experi-
on their smartphones and these emails          ence of an event. Foursquare is a great way for attendees to connect with others and
may contain sensitive information. In          ‘see’ who else is present. The connections make for some immediate networking oppor-
addition, people tend to create password       tunities and audience participation.”
files on their smartphones and these
                                                    But when it comes to personal security and privacy, is telling the world through
devices are, in effect, becoming the equiva-
                                               your smartphone that you are not home or not in the office really all that smart? When
lent of ‘sticky notes.’”
      “Smartphones are effectively really      Angela Daffron, stalker victim, says “be careful what you share online,” she means it.
highly portable computers with Wi-Fi and       Over-sharing, a form of TMI (too-much-information), can provide the “bad guys” all the
cellular data network access,” says Colin      info needed to track down a person who may be walking alone to the parking garage, or
Grant, managing director for Nomad             has left house, office or property unattended. Recently, the web site PleaseRobMe.com
                                                                                                                                            Business Travel Executive JULY 2010



Mobile Guides. “In terms of security they      flashed onto the media’s radar due to the attention they drew by streaming posts from
are no different than laptops or USB flash     the status-obsessed public who are compelled to imply no one is home in the form of
drives that have advantages and security
                                               messages that either state where they are going - “off to LAX” - or where they have
weaknesses.” The obvious difference, of
                                               arrived-”just checked in at Starbucks on Main Street.”
course, is that smartphones are small,
highly portable, easy to share and, more            Just as a password is code to protect against unwanted entry into a cell phone or
often than not, easy to hack.                  computer, the code that protects a business traveler compelled to “check-in” comes in
      Some problems are specific to certain    the form of cryptic words, delivered in 140-chareacters or less, at the right time, at the
mobile devices. Greg Lee, president of         right place.
Software Specialists, points out that on a                                                                                          — ZKQ
Blackberry, the browser can be configured,


                                                                                                                                            25
COVER STORY | Rough Edges

                                      and often is configured by default, to           phone numbers on-hand (but not in the            call from your phone.
                                      appear to be inside the corporate firewall.      cell phone) for quick access: the cell phone     Hand someone your phone to take a pic-
                                      “For example, from my Blackberry, I can          carrier’s, so service can be suspended until     ture of you.
                                      access all of my corporate intranet sites.       the lost phone is found; and the CSO’s, so       Don’t click on links in emails or messages
                                      This is a Blackberry feature and it means        any possible data breaches can be reported       from people you don’t know.
                                      that an application I decide to load on my       and the necessary action taken as quickly              The security risk can get very person-
                                                                                       as possible.                                     al. Angela Daffron, founder of Jodi’s
                                         The ability to replicate                            Corporate policies in place for            Voice, knows from her own experience
                                                                                       domestic travel may need to be beefed up         what it’s like to have someone break into
                                           deleted data from
                                                                                       when traveling in outside the US. Philip         a cell phone and gain access to data stored
                                         handheld devices and                          Farina, a travel and hotel security expert       there. Daffron’s cell phone was hacked by
                                                                                       and CEO of Farina and Associates Ltd.,           a stalker who used off-the-shelf parental
                                        forensic reconstruction                        stresses that in addition to the various lev-    control software to invade and monitor
                                                                                       els of risks travelers are exposed to when       her public and private life. “Had I known
                                            are a big part of                          traveling internationally (fire, food poison-    not to leave my phone laying my desk,
                                                                                       ing, fraud, theft, kidnapping/abduction          unattended, or had I protected it with a
                                           protection against
                                                                                       and of course, the terrorism element), data
                                         corporate espionage.                          protection also makes the list. “One only
                                                                                                                                               ‘It will be stupid
                                                                                       has to view the latest news to see where              things, like storing
                                      phone could also access those same sites.        trade secrets, products and identities have
                                      This presents, at the very least, an infor-      been stolen from individuals who are trav-        confidential files on your
                                      mation access issue. Of course, the risk is      eling for both business and pleasure.”
                                      the same for me installing software in my              To circumvent risks when traveling in      phone and then leaving it
                                      company laptop as well.”                         foreign countries, Farina suggests travelers
                                            “It will be stupid things,” Grant says,    take the following precautions:
                                                                                                                                          in a bar or on the back
                                      “like storing confidential files on your               Leave your data-sensitive cell phone       seat of a taxi, that present
                                      phone and then leaving it in a bar or on         at home. Consider obtaining a local
                                      the back seat of a taxi for someone else to      mobile/cell phone at your destination.                 the greatest risk.’
                                      find — that present the greatest risk. This            Consider purchasing a “shield” for
                                      is where end-user training comes in.”            your devices.                                    password, some intrusions could have
                                      Schofield agrees: “Corporate policy is a               If you require internet access, ensure     been avoided.”
                                      first defense.”                                  that you have appropriate levels of encryp-            She recommends the following steps
                                                                                       tion and firewalls for secure communica-         regardless whether a phone is for business
                                      Elements Of Corporate Policy                     tions.                                           or, more commonly, for both business and
                                      The goal of a corporate cell phone policy              In your vehicle, keep your valuables       personal use:
                                      is to protect the enterprise from loss of        out of sight and hidden, preferably in the             Always be aware of your surround-
                                      intellectual property. Establishing a policy     trunk areas.                                     ings.
                                      and getting employees to follow all of the             If staying at a hotel, always lock up            Be aware of what information you
                                      rules all of the time is another thing entire-   your computers, data devices and cell            are sharing about yourself.
                                      ly. Given that human behavior is often the       phones, when not needed, in the in-room                Hide the name of your carrier.
                                      nemesis of any policy, having a strategy in      safes or in the safe deposit boxes located             Never let your phone out of your
                                      place for when security is compromised is        at the front desk.                               sight.
                                      mission-critical.                                                                                       Know the warning signs and act on
                                            Policy points often include: requiring     Personal Precautions                             them — if your phone lights up, even
                                      passwords on smartphones, no texting             From corporate use to personal use, if           briefly, or you notice anything strange or
                                      while driving and limiting the type of data      your travelers’ cell phones truly are “their     new on your phone, take it to your carri-
                                      that is stored or accessed remotely. John        life,” tell them to give that phone the same     er’s store and have a technical support per-
                                      Hering, CEO of Lookout, a mobile secu-           level of attention and consideration they        son take a look at it.
                                      rity company, recommends the following           would just as if their lives, and the lives of         Spend the money for security soft-
Business Travel Executive JULY 2010




                                      be added to any corporation’s cell phone         those they care about or work with,              ware and install it. $40 can buy peace of
                                      policy:                                          depended on it.                                  mind.
                                            Never leave your phone unattended.         Do: Install mobile security software.                  During her ordeal, Daffron learned
                                            When traveling, always lock your           Backup your phone’s data regularly.              how easy it is to break into a person’s
                                      phone in a hotel safe when it is not in use.     Password protect your phone.                     phone using parental control software. “A
                                            Download mobile security software          Read reviews before downloading any              hacker need only know the model of your
                                      that will protect against malware, data          apps and download them only from rep-            phone, your phone number, and carrier to
                                      loss, and against physically losing your         utable sources.                                  gain access to your phone’s sensitive
                                      phone.                                           Don’t: Ever let your phone out of your           data.” In addition to mobile security soft-
                                            A corporate policy should also             sight.                                           ware, she now uses a Sharpie to block out
                                      include that the user keep two specific          Share your phone or let anyone make a            the name of her cell phone carrier. BTE


26

More Related Content

What's hot

Assignment 1
Assignment 1Assignment 1
Assignment 1NWAce
 
Assignment 1
Assignment 1Assignment 1
Assignment 1NWAce
 
Paul okade an introduction-of_cryptography
Paul okade an introduction-of_cryptographyPaul okade an introduction-of_cryptography
Paul okade an introduction-of_cryptographyPaul Okade
 
Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2Management Insights LLC
 
Analysis of Rogue Access Points using Software-Defined Radio
Analysis of Rogue Access Points using Software-Defined RadioAnalysis of Rogue Access Points using Software-Defined Radio
Analysis of Rogue Access Points using Software-Defined RadioJuanRios179
 
Mobile Social Networking: The New Ecosystem
Mobile Social Networking: The New EcosystemMobile Social Networking: The New Ecosystem
Mobile Social Networking: The New EcosystemElizabeth Lupfer
 
Analysing predicted technology trends for the year 2012 through text mining...
Analysing predicted technology trends for the year 2012 through text mining...Analysing predicted technology trends for the year 2012 through text mining...
Analysing predicted technology trends for the year 2012 through text mining...invenQ Insight
 
Noah Lang's Presentation
Noah Lang's PresentationNoah Lang's Presentation
Noah Lang's PresentationMediabistro
 
Digital's Indelible Mark on Brand Building Fundamentals
Digital's Indelible Mark on Brand Building FundamentalsDigital's Indelible Mark on Brand Building Fundamentals
Digital's Indelible Mark on Brand Building FundamentalsPerformics
 
The Newest Element of Risk Metrics: Social Media
The Newest Element of Risk Metrics: Social MediaThe Newest Element of Risk Metrics: Social Media
The Newest Element of Risk Metrics: Social MediaPriyanka Aash
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
Pirates are not confined to the caribbean.pdf
Pirates are not confined to the caribbean.pdfPirates are not confined to the caribbean.pdf
Pirates are not confined to the caribbean.pdfGurudev Basavaraj Goud
 
E0334035040
E0334035040E0334035040
E0334035040theijes
 
Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack ZeroFOX
 

What's hot (19)

Assignment 1
Assignment 1Assignment 1
Assignment 1
 
Assignment 1
Assignment 1Assignment 1
Assignment 1
 
Paul okade an introduction-of_cryptography
Paul okade an introduction-of_cryptographyPaul okade an introduction-of_cryptography
Paul okade an introduction-of_cryptography
 
Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Analysis of Rogue Access Points using Software-Defined Radio
Analysis of Rogue Access Points using Software-Defined RadioAnalysis of Rogue Access Points using Software-Defined Radio
Analysis of Rogue Access Points using Software-Defined Radio
 
Mobile Social Networking: The New Ecosystem
Mobile Social Networking: The New EcosystemMobile Social Networking: The New Ecosystem
Mobile Social Networking: The New Ecosystem
 
Analysing predicted technology trends for the year 2012 through text mining...
Analysing predicted technology trends for the year 2012 through text mining...Analysing predicted technology trends for the year 2012 through text mining...
Analysing predicted technology trends for the year 2012 through text mining...
 
ROI of B2B Social Media
ROI of B2B Social MediaROI of B2B Social Media
ROI of B2B Social Media
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Noah Lang's Presentation
Noah Lang's PresentationNoah Lang's Presentation
Noah Lang's Presentation
 
Digital's Indelible Mark on Brand Building Fundamentals
Digital's Indelible Mark on Brand Building FundamentalsDigital's Indelible Mark on Brand Building Fundamentals
Digital's Indelible Mark on Brand Building Fundamentals
 
The Newest Element of Risk Metrics: Social Media
The Newest Element of Risk Metrics: Social MediaThe Newest Element of Risk Metrics: Social Media
The Newest Element of Risk Metrics: Social Media
 
Prevalence of Deception in Online Customer Reviews
Prevalence of Deception in Online Customer ReviewsPrevalence of Deception in Online Customer Reviews
Prevalence of Deception in Online Customer Reviews
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revista
 
Pirates are not confined to the caribbean.pdf
Pirates are not confined to the caribbean.pdfPirates are not confined to the caribbean.pdf
Pirates are not confined to the caribbean.pdf
 
E0334035040
E0334035040E0334035040
E0334035040
 
2 phishing
2 phishing2 phishing
2 phishing
 
Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack
 

Similar to Business Travel Executive, Rough Edges

idOnDemand | Article | Looking For An ID Solution? Get It From idOnDemand!
idOnDemand | Article | Looking For An ID Solution? Get It From idOnDemand!idOnDemand | Article | Looking For An ID Solution? Get It From idOnDemand!
idOnDemand | Article | Looking For An ID Solution? Get It From idOnDemand!Identive
 
MindingTheCloud_NPR_Sum2014-no cover
MindingTheCloud_NPR_Sum2014-no coverMindingTheCloud_NPR_Sum2014-no cover
MindingTheCloud_NPR_Sum2014-no coverPJStarr
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationJamie Proctor-Brassard
 
Expert Panel Explores Heightened Role of Security for Cloud and Mobile Apps D...
Expert Panel Explores Heightened Role of Security for Cloud and Mobile Apps D...Expert Panel Explores Heightened Role of Security for Cloud and Mobile Apps D...
Expert Panel Explores Heightened Role of Security for Cloud and Mobile Apps D...Dana Gardner
 
How the camera on your cellphone can be captured and used to spy on you
How the camera on your cellphone can be captured and used to spy on youHow the camera on your cellphone can be captured and used to spy on you
How the camera on your cellphone can be captured and used to spy on youSheher Bano
 
Think like a hacker for better security awareness
Think like a hacker for better security awarenessThink like a hacker for better security awareness
Think like a hacker for better security awarenessCOMSATS
 
Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemBernard Marr
 
I Did Not Write This Document And Can Prove It!
I Did Not Write This Document And Can Prove It!I Did Not Write This Document And Can Prove It!
I Did Not Write This Document And Can Prove It!jmoquendo
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityMd Nishad
 
How a Minnesota Law Firm Brings Mission Critical Security To Myriad Mobile De...
How a Minnesota Law Firm Brings Mission Critical Security To Myriad Mobile De...How a Minnesota Law Firm Brings Mission Critical Security To Myriad Mobile De...
How a Minnesota Law Firm Brings Mission Critical Security To Myriad Mobile De...Dana Gardner
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfKALPITKALPIT1
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?acijjournal
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the  Age of WikiLeaksProtecting Intellectual Property in the  Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksSocialKwan
 
Pocket virus threat
Pocket virus threatPocket virus threat
Pocket virus threatAli J
 
Ten Security Essentials for CIOs
Ten Security Essentials for CIOsTen Security Essentials for CIOs
Ten Security Essentials for CIOsIBM Security
 
Crimes in digital marketing..pptx
Crimes in digital marketing..pptxCrimes in digital marketing..pptx
Crimes in digital marketing..pptxRajviNikeetaRathore
 
Netop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop
 
Everyday surveillance
Everyday surveillanceEveryday surveillance
Everyday surveillanceYavuz Paksoy
 

Similar to Business Travel Executive, Rough Edges (20)

idOnDemand | Article | Looking For An ID Solution? Get It From idOnDemand!
idOnDemand | Article | Looking For An ID Solution? Get It From idOnDemand!idOnDemand | Article | Looking For An ID Solution? Get It From idOnDemand!
idOnDemand | Article | Looking For An ID Solution? Get It From idOnDemand!
 
MindingTheCloud_NPR_Sum2014-no cover
MindingTheCloud_NPR_Sum2014-no coverMindingTheCloud_NPR_Sum2014-no cover
MindingTheCloud_NPR_Sum2014-no cover
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness Presentation
 
Expert Panel Explores Heightened Role of Security for Cloud and Mobile Apps D...
Expert Panel Explores Heightened Role of Security for Cloud and Mobile Apps D...Expert Panel Explores Heightened Role of Security for Cloud and Mobile Apps D...
Expert Panel Explores Heightened Role of Security for Cloud and Mobile Apps D...
 
How the camera on your cellphone can be captured and used to spy on you
How the camera on your cellphone can be captured and used to spy on youHow the camera on your cellphone can be captured and used to spy on you
How the camera on your cellphone can be captured and used to spy on you
 
Think like a hacker for better security awareness
Think like a hacker for better security awarenessThink like a hacker for better security awareness
Think like a hacker for better security awareness
 
Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data Problem
 
I Did Not Write This Document And Can Prove It!
I Did Not Write This Document And Can Prove It!I Did Not Write This Document And Can Prove It!
I Did Not Write This Document And Can Prove It!
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
How a Minnesota Law Firm Brings Mission Critical Security To Myriad Mobile De...
How a Minnesota Law Firm Brings Mission Critical Security To Myriad Mobile De...How a Minnesota Law Firm Brings Mission Critical Security To Myriad Mobile De...
How a Minnesota Law Firm Brings Mission Critical Security To Myriad Mobile De...
 
Social Network Crime on Rise
Social Network Crime on RiseSocial Network Crime on Rise
Social Network Crime on Rise
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the  Age of WikiLeaksProtecting Intellectual Property in the  Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaks
 
Hacking 04 2011
Hacking 04 2011Hacking 04 2011
Hacking 04 2011
 
Pocket virus threat
Pocket virus threatPocket virus threat
Pocket virus threat
 
Ten Security Essentials for CIOs
Ten Security Essentials for CIOsTen Security Essentials for CIOs
Ten Security Essentials for CIOs
 
Crimes in digital marketing..pptx
Crimes in digital marketing..pptxCrimes in digital marketing..pptx
Crimes in digital marketing..pptx
 
Netop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop Remote Control Embedded Devices
Netop Remote Control Embedded Devices
 
Everyday surveillance
Everyday surveillanceEveryday surveillance
Everyday surveillance
 

More from pfarina

Opportunities Flat, Compensation Up In The Corporate Security Industry Secu...
Opportunities Flat, Compensation Up In The Corporate Security Industry   Secu...Opportunities Flat, Compensation Up In The Corporate Security Industry   Secu...
Opportunities Flat, Compensation Up In The Corporate Security Industry Secu...pfarina
 
Top 5 Recession Proof Careers The Degree 360
Top 5 Recession Proof Careers The Degree 360Top 5 Recession Proof Careers The Degree 360
Top 5 Recession Proof Careers The Degree 360pfarina
 
Officer Layoffs Getting A Pink Slip Article Police Magazine
Officer Layoffs  Getting A Pink Slip   Article   Police MagazineOfficer Layoffs  Getting A Pink Slip   Article   Police Magazine
Officer Layoffs Getting A Pink Slip Article Police Magazinepfarina
 
Safeguarding Your Home Before You Leave For Vacation
Safeguarding Your Home Before You Leave For VacationSafeguarding Your Home Before You Leave For Vacation
Safeguarding Your Home Before You Leave For Vacationpfarina
 
125 Tips For Todays Meeting Planner
125 Tips For Todays Meeting Planner125 Tips For Todays Meeting Planner
125 Tips For Todays Meeting Plannerpfarina
 
How To Survive A Pirate Attack Fox News
How To Survive A Pirate Attack   Fox NewsHow To Survive A Pirate Attack   Fox News
How To Survive A Pirate Attack Fox Newspfarina
 
What To Do If A Revolution Spoils Your Trip Fox News
What To Do If A Revolution Spoils Your Trip   Fox NewsWhat To Do If A Revolution Spoils Your Trip   Fox News
What To Do If A Revolution Spoils Your Trip Fox Newspfarina
 
Always Room For Improvement
Always Room For ImprovementAlways Room For Improvement
Always Room For Improvementpfarina
 
Chicago Sun Times Soft Spot In Aircraft Security
Chicago Sun Times Soft Spot In Aircraft SecurityChicago Sun Times Soft Spot In Aircraft Security
Chicago Sun Times Soft Spot In Aircraft Securitypfarina
 
The Washington Post "Confused And Abused By The Tsa" article
The Washington Post   "Confused And Abused By The Tsa" articleThe Washington Post   "Confused And Abused By The Tsa" article
The Washington Post "Confused And Abused By The Tsa" articlepfarina
 
The Farina Group Corporate Overview
The Farina Group Corporate OverviewThe Farina Group Corporate Overview
The Farina Group Corporate Overviewpfarina
 
Hospitality Security and Safety Solutions
Hospitality Security and Safety SolutionsHospitality Security and Safety Solutions
Hospitality Security and Safety Solutionspfarina
 
Ensuring an Uneventful Stay
Ensuring an Uneventful StayEnsuring an Uneventful Stay
Ensuring an Uneventful Staypfarina
 
Traveling Abroad With Children
Traveling Abroad With ChildrenTraveling Abroad With Children
Traveling Abroad With Childrenpfarina
 
Holes In Hotel Security, Security Management
Holes In Hotel Security,  Security ManagementHoles In Hotel Security,  Security Management
Holes In Hotel Security, Security Managementpfarina
 
Conducting Successful Certification Review Programs
Conducting Successful Certification Review ProgramsConducting Successful Certification Review Programs
Conducting Successful Certification Review Programspfarina
 

More from pfarina (16)

Opportunities Flat, Compensation Up In The Corporate Security Industry Secu...
Opportunities Flat, Compensation Up In The Corporate Security Industry   Secu...Opportunities Flat, Compensation Up In The Corporate Security Industry   Secu...
Opportunities Flat, Compensation Up In The Corporate Security Industry Secu...
 
Top 5 Recession Proof Careers The Degree 360
Top 5 Recession Proof Careers The Degree 360Top 5 Recession Proof Careers The Degree 360
Top 5 Recession Proof Careers The Degree 360
 
Officer Layoffs Getting A Pink Slip Article Police Magazine
Officer Layoffs  Getting A Pink Slip   Article   Police MagazineOfficer Layoffs  Getting A Pink Slip   Article   Police Magazine
Officer Layoffs Getting A Pink Slip Article Police Magazine
 
Safeguarding Your Home Before You Leave For Vacation
Safeguarding Your Home Before You Leave For VacationSafeguarding Your Home Before You Leave For Vacation
Safeguarding Your Home Before You Leave For Vacation
 
125 Tips For Todays Meeting Planner
125 Tips For Todays Meeting Planner125 Tips For Todays Meeting Planner
125 Tips For Todays Meeting Planner
 
How To Survive A Pirate Attack Fox News
How To Survive A Pirate Attack   Fox NewsHow To Survive A Pirate Attack   Fox News
How To Survive A Pirate Attack Fox News
 
What To Do If A Revolution Spoils Your Trip Fox News
What To Do If A Revolution Spoils Your Trip   Fox NewsWhat To Do If A Revolution Spoils Your Trip   Fox News
What To Do If A Revolution Spoils Your Trip Fox News
 
Always Room For Improvement
Always Room For ImprovementAlways Room For Improvement
Always Room For Improvement
 
Chicago Sun Times Soft Spot In Aircraft Security
Chicago Sun Times Soft Spot In Aircraft SecurityChicago Sun Times Soft Spot In Aircraft Security
Chicago Sun Times Soft Spot In Aircraft Security
 
The Washington Post "Confused And Abused By The Tsa" article
The Washington Post   "Confused And Abused By The Tsa" articleThe Washington Post   "Confused And Abused By The Tsa" article
The Washington Post "Confused And Abused By The Tsa" article
 
The Farina Group Corporate Overview
The Farina Group Corporate OverviewThe Farina Group Corporate Overview
The Farina Group Corporate Overview
 
Hospitality Security and Safety Solutions
Hospitality Security and Safety SolutionsHospitality Security and Safety Solutions
Hospitality Security and Safety Solutions
 
Ensuring an Uneventful Stay
Ensuring an Uneventful StayEnsuring an Uneventful Stay
Ensuring an Uneventful Stay
 
Traveling Abroad With Children
Traveling Abroad With ChildrenTraveling Abroad With Children
Traveling Abroad With Children
 
Holes In Hotel Security, Security Management
Holes In Hotel Security,  Security ManagementHoles In Hotel Security,  Security Management
Holes In Hotel Security, Security Management
 
Conducting Successful Certification Review Programs
Conducting Successful Certification Review ProgramsConducting Successful Certification Review Programs
Conducting Successful Certification Review Programs
 

Business Travel Executive, Rough Edges

  • 1. COVER STORY CORPORATE POLICY CONTACTS CELL DATA By Z. Kelly Queijo Rough Edges Policy pointers that smooth risk of travelers’ cell phones. You’ve heard it before: “My cell phone is According to David Schofield, direc- conference bridges are immediately my life!” The speaker could be a drama- tor of wireless mobility at AlsbridgeTAG, changed. queen teenager whose cell phone privileges “Security is a growing concern as regula- Contact notes, personal numbers and have just been revoked. But when spoken tion mostly looks to paper trails. Now IT account information could be revealed by a business traveler, these words more has to follow the vapor trail. The ability to should the person want to probe into the carry weight and represent a deep level of replicate deleted data from handheld memory of the device. “Internal damage is responsibility. devices and forensic reconstruction are one thing,” says Schofield, “negligent A typical business traveler’s mobile becoming a big part of corporate protec- release of client information becomes Business Travel Executive JULY 2010 phone stores contacts, appointments, tion against espionage internally and something completely different.” email, and perhaps even other sensitive externally.” information such bank account numbers, Or imagine this scenario: a sales man- Triple Locked social security numbers and corporate ager loses his handheld device and the per- For serial business traveler Peter data. Loss of any of this information can son who finds it now has access to the Shankman, founder of Help-A-Reporter- present risks that not only compromise sales manager’s calendar. In that calendar Out, who claims to sleep in hotel beds traveler’s personal identity, but are also are internal strategy, pricing or client meet- more often than in his bed at home, his security risks for his employer. ings. The person who found the phone mobile phone and laptop are critically Just how bad is it if a traveler’s cell could potentially attend any of those calls important to his day-to-day work. Given phone falls into the wrong hands? undiscovered unless the sales manager that, Shankman takes protecting his data Probably worse than you imagine. notifies corporate and all the standing and devices seriously. “All devices, lap- 24
  • 2. tops, and iPads have passwords. In addi- tion, I do a physical check of where my stuff is as often as is possible.” You Are Here Checking-in - it’s what business travelers do when they finally make it to their desti- One backup is not enough for nation whether it be a hotel, conference, or trade show. They check in to let some- Shankman. Three is better. He routinely one know they have arrived. Usually that person is whoever happens to be working copies his data to a backup drive, a hard the reservation desk at that particular moment. However, in March 2009, “checking-in” drive at home, and a cloud drive some- took on a entirely new meaning with the arrival of the location-based social networking where in “said” cloud — and yet, even this (LBS) tool known as “Foursquare.” is not entirely sufficient. Shankman also stores his most important documents on an Unveiled at the South by South West (SXSW) technology conference, Foursquare encrypted web site separate from his per- was one of the first companies to build upon the status messaging tool where users answer the question “What are you doing?” that Twitter launched in 2006. Upon the It’s easy to break into a arrival of Foursquare, the question became “What are you doing and where are you doing it?” cell phone using parental Other similar tools such as Gowalla, Brightkite and WeReward have emerged, each control software. ‘A hacker with a slightly different twist regarding the “what.” But they kept the “where.” need only know the model This concept of geolocation updates, allows any smartphone user to post a mes- sage through Foursquare (or similar tool) to any or all designated social networks or of your phone, your phone friends groups stating they have just “checked-in” to a particular establishment or number, and carrier to location. Check-ins seems innocent enough given their game-like environment — users earn gain access.’ badges or points as rewards for checking in to the same place repeatedly. The user who checks in often enough earns the status of “mayor” of that establishment, only to be sonal and corporate sites. “If I’m trapped ousted by the next person who checks-in more frequently. in a foreign country, I can login, download my passport, and hopefully get home.” For businesses, the opportunities to take advantage of geolocation marketing and To the corporate security officer tracking are unlimited. In fact, LBS messages are the ultimate in word-of-mouth market- (CSO), the threat to data integrity on cor- ing tools and are a terrific way to bring people together in public settings such as con- porate systems is the same whether the ference. A tweeted text message inviting attendees to the hospitality suite sure beats threat originates from a computer used by the printed invitation stuck somewhere in the bottom of the conference goody bag left a hacker or from a smartphone: someone in the hotel room. from the outside wants in. According to Think before you tweet Randy Marchany, information technology According to Ann Handley, chief content officer for MarketingProfs, event produc- security officer for Virginia Tech, the two biggest risks he sees are sensitive data ers are definitely looking at Foursquare and other location-based networking these LBS breaches and password compromises. tools as yet another way to connect and engage with attendees. “It’s is a no-brainer for “Corporate execs love to read their email in-person events because of ... well, the location-specific nature of the shared experi- on their smartphones and these emails ence of an event. Foursquare is a great way for attendees to connect with others and may contain sensitive information. In ‘see’ who else is present. The connections make for some immediate networking oppor- addition, people tend to create password tunities and audience participation.” files on their smartphones and these But when it comes to personal security and privacy, is telling the world through devices are, in effect, becoming the equiva- your smartphone that you are not home or not in the office really all that smart? When lent of ‘sticky notes.’” “Smartphones are effectively really Angela Daffron, stalker victim, says “be careful what you share online,” she means it. highly portable computers with Wi-Fi and Over-sharing, a form of TMI (too-much-information), can provide the “bad guys” all the cellular data network access,” says Colin info needed to track down a person who may be walking alone to the parking garage, or Grant, managing director for Nomad has left house, office or property unattended. Recently, the web site PleaseRobMe.com Business Travel Executive JULY 2010 Mobile Guides. “In terms of security they flashed onto the media’s radar due to the attention they drew by streaming posts from are no different than laptops or USB flash the status-obsessed public who are compelled to imply no one is home in the form of drives that have advantages and security messages that either state where they are going - “off to LAX” - or where they have weaknesses.” The obvious difference, of arrived-”just checked in at Starbucks on Main Street.” course, is that smartphones are small, highly portable, easy to share and, more Just as a password is code to protect against unwanted entry into a cell phone or often than not, easy to hack. computer, the code that protects a business traveler compelled to “check-in” comes in Some problems are specific to certain the form of cryptic words, delivered in 140-chareacters or less, at the right time, at the mobile devices. Greg Lee, president of right place. Software Specialists, points out that on a — ZKQ Blackberry, the browser can be configured, 25
  • 3. COVER STORY | Rough Edges and often is configured by default, to phone numbers on-hand (but not in the call from your phone. appear to be inside the corporate firewall. cell phone) for quick access: the cell phone Hand someone your phone to take a pic- “For example, from my Blackberry, I can carrier’s, so service can be suspended until ture of you. access all of my corporate intranet sites. the lost phone is found; and the CSO’s, so Don’t click on links in emails or messages This is a Blackberry feature and it means any possible data breaches can be reported from people you don’t know. that an application I decide to load on my and the necessary action taken as quickly The security risk can get very person- as possible. al. Angela Daffron, founder of Jodi’s The ability to replicate Corporate policies in place for Voice, knows from her own experience domestic travel may need to be beefed up what it’s like to have someone break into deleted data from when traveling in outside the US. Philip a cell phone and gain access to data stored handheld devices and Farina, a travel and hotel security expert there. Daffron’s cell phone was hacked by and CEO of Farina and Associates Ltd., a stalker who used off-the-shelf parental forensic reconstruction stresses that in addition to the various lev- control software to invade and monitor els of risks travelers are exposed to when her public and private life. “Had I known are a big part of traveling internationally (fire, food poison- not to leave my phone laying my desk, ing, fraud, theft, kidnapping/abduction unattended, or had I protected it with a protection against and of course, the terrorism element), data corporate espionage. protection also makes the list. “One only ‘It will be stupid has to view the latest news to see where things, like storing phone could also access those same sites. trade secrets, products and identities have This presents, at the very least, an infor- been stolen from individuals who are trav- confidential files on your mation access issue. Of course, the risk is eling for both business and pleasure.” the same for me installing software in my To circumvent risks when traveling in phone and then leaving it company laptop as well.” foreign countries, Farina suggests travelers “It will be stupid things,” Grant says, take the following precautions: in a bar or on the back “like storing confidential files on your Leave your data-sensitive cell phone seat of a taxi, that present phone and then leaving it in a bar or on at home. Consider obtaining a local the back seat of a taxi for someone else to mobile/cell phone at your destination. the greatest risk.’ find — that present the greatest risk. This Consider purchasing a “shield” for is where end-user training comes in.” your devices. password, some intrusions could have Schofield agrees: “Corporate policy is a If you require internet access, ensure been avoided.” first defense.” that you have appropriate levels of encryp- She recommends the following steps tion and firewalls for secure communica- regardless whether a phone is for business Elements Of Corporate Policy tions. or, more commonly, for both business and The goal of a corporate cell phone policy In your vehicle, keep your valuables personal use: is to protect the enterprise from loss of out of sight and hidden, preferably in the Always be aware of your surround- intellectual property. Establishing a policy trunk areas. ings. and getting employees to follow all of the If staying at a hotel, always lock up Be aware of what information you rules all of the time is another thing entire- your computers, data devices and cell are sharing about yourself. ly. Given that human behavior is often the phones, when not needed, in the in-room Hide the name of your carrier. nemesis of any policy, having a strategy in safes or in the safe deposit boxes located Never let your phone out of your place for when security is compromised is at the front desk. sight. mission-critical. Know the warning signs and act on Policy points often include: requiring Personal Precautions them — if your phone lights up, even passwords on smartphones, no texting From corporate use to personal use, if briefly, or you notice anything strange or while driving and limiting the type of data your travelers’ cell phones truly are “their new on your phone, take it to your carri- that is stored or accessed remotely. John life,” tell them to give that phone the same er’s store and have a technical support per- Hering, CEO of Lookout, a mobile secu- level of attention and consideration they son take a look at it. rity company, recommends the following would just as if their lives, and the lives of Spend the money for security soft- Business Travel Executive JULY 2010 be added to any corporation’s cell phone those they care about or work with, ware and install it. $40 can buy peace of policy: depended on it. mind. Never leave your phone unattended. Do: Install mobile security software. During her ordeal, Daffron learned When traveling, always lock your Backup your phone’s data regularly. how easy it is to break into a person’s phone in a hotel safe when it is not in use. Password protect your phone. phone using parental control software. “A Download mobile security software Read reviews before downloading any hacker need only know the model of your that will protect against malware, data apps and download them only from rep- phone, your phone number, and carrier to loss, and against physically losing your utable sources. gain access to your phone’s sensitive phone. Don’t: Ever let your phone out of your data.” In addition to mobile security soft- A corporate policy should also sight. ware, she now uses a Sharpie to block out include that the user keep two specific Share your phone or let anyone make a the name of her cell phone carrier. BTE 26