Does your company have a wireless device data policy in place?

Published: September 7, 2010 by ofonseca

Smart phones and other wireless devices are increasingly popular among individual and business users with a 64% year over year market share growth, according to Canalys.  As more business users work remotely and travel the use of wireless devices has become a necessity in the workplace to access data. However, using wireless devices presents new challenges to keep transmitted and stored data secure.

Earlier this year, it was reported that several senior level Washington DC politicians purchased iPads and individually set up their wireless accounts using their service provider’s account verification process.  A security company identified a data security flaw and was able to hack the verification process.  This clever hack resulted in the theft of over 100,000 email addresses and unique numbers associated with the devices purchased.  Affected politicians included White House Chief of Staff, Rahm Emanuel and New York City Mayor, Michael Bloomberg.

Individual email addresses and device serial numbers may not sound significant at first glance.  However, nefarious individuals can leverage this data to guess more relevant information such as provider account number…which is linked to personally identifiable information (PII) of the end user.

Defining wireless device use standards is paramount. Corporate executive leadership must enable the communication between leaders in the Compliance, IT and consumer- facing teams to develop standards for device adoption and for how sensitive data is handled or distributed.  Policies and standards must be in place to help prevent the occurrence of a data breach.

What is your company doing to define wireless device usage and data standards?