Default title

MOBILE DEVICE WIPES

YOU HAVE LOST YOUR PHONE. TECH SUPPORT WIPES IT. YOU ARE DONE, RIGHT?

Having the ability to remote wipe a mobile device that has been lost is a lifesaver. You can simply click a few buttons on a management console and miles away that device, connected to your system magically forgets all of the confidential emails and passwords you have stored on it. Sounds perfect, doesn't it ?

THE DEEPER YOU LOOK INTO SECURITY, THE MORE YOU GROW CONCERNED ABOUT YOUR PRECONCEPTIONS OF IT

Even if a remote wipe reports as successful there is a high likelihood of data remnance. Just like our previous article on SSD drives there are major pieces of data left on most mobile devices after a wipe procedure. Because most wipe features are simply a delete action the data isn't actually removed, its only had its pointers removed. A delete process in most instances is simply the deletion of the pointers, or map if you will, to the data. This is not the same as the removal of the data itself and simple programs can restore those pointers and recover the data. Lock screens and codes do little to stop a USB cable from pulling off the desired data. This problem is especially prominent with the type of memory your phone has. This type of memory requires repeated overwrites to fully remove any remnance and most wipe applications are simply not built with that in mind.

HOW DO YOU SECURE YOUR PHONE

ENCRYPTION is an excellent for securing your phone storage. Ensuring you have proper encryption for your storage is extremely important. Another option is Third party Mobile Device Management Systems (MDM) like Mobile Iron will help. These are certainly are not cheap options and usability sometimes suffers but when it comes to protecting yourself from data risks and reducing your potential for identity theft one should always weigh the risks. When it comes to identity theft, a mobile phone is about as rich of a target as one can get. Having access to all your contacts, all your mail items, banking info and any stored application data including MS Office allows for unlimited options to the identity thief.

Talk to ALT8 about your mobile device security concerns. We would be happy to review your current policies and help you evaluate and understand your risks.

RECENT THREAT POSTS

- Lindsey O'Donnell
Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process
Researchers found a number of privacy and security issues in Amazon's Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks.
- Tara Seals
Stalkerware Volumes Remain Concerningly High, Despite Bans
COVID-19 impacted volumes for the year, but the U.S. moved into third place on the list of countries most infected by stalkerware.
- Elizabeth Montalbano
Lazarus Targets Defense Companies with ThreatNeedle Malware
A spear-phishing campaigned linked to a North Korean APT uses “NukeSped” malware in cyberespionage attacks against defense companies.
- Becky Bracken
Yeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ Release  
Sneaker bots ready to scoop up the new Yeezy Boost 700 “Sun” shoes to resell at a huge markup.  
- Lindsey O'Donnell
Malware Gangs Partner Up in Double-Punch Security Threat
From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses.
- Lindsey O'Donnell
Podcast: Ransomware Attacks Exploded in Q4 2020
Researchers said they saw a seven-times increase in ransomware activity in the fourth quarter of 2020, across various families – from Ryuk to Egregor.
- Pat Cooper
Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World
Retailers that lacked significant digital presence pre-COVID are now reaching new audiences through e-commerce sites that are accessible anytime, from anywhere, on any device.
- Becky Bracken
Cyberattacks Launch Against Vietnamese Human-Rights Activists
Vietnam joins the ranks of governments using spyware to crack down on human-rights defenders.
- Elizabeth Montalbano
Health Website Leaks 8 Million COVID-19 Test Results
A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.
- Lindsey O'Donnell
Malicious Mozilla Firefox Extension Allows Gmail Takeover
The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data.

Archives

One thought on “Default title”

Leave a Reply

Your email address will not be published. Required fields are marked *

10 + five =