Monthly Archives: November 2013

Shot across the bow

If you have read my profile, you will see that I had 22 years in the Royal Navy, consequently I am still a little enclined to use Naval terms. Some of the looks I get from colleagues are a picture, but hey it makes the day interesting.

Spending time in the Royal Navy has taught me a few things about information security and auditing of classified information. Daily, weekly and monthly we had to account for publications and sign to say they were complete. We had to account for crypto tapes, yes I said tapes, how things have changed.

Anyway, it set my mind a thinking, there are various items that we use on a day to day basis, that most of us take for granted, one being the mobile phone. A non smartphone still has the capability of storing data, it may be text only, but they still contain information. A smartphone or tablet generally contains a at least 8 GB of data,that normally consists of contacts, documents, pictures, video and music. If you look at it from a criminals point of view, your device could be a gold mine.

When I conduct a security induction, I discuss information assets and what they are; as part of that discussion I ask the audience if they have PIN or passcode for security activated on their device. I can normally guarentee that one person in the audience does not.

When I ask if they log out of Facebook, log out of twitter, or any other social media that they use, you know what the answer is, it is a resounding no. I ask how many contacts do you have, majority have a at 50 or more, with full contact details. I ask if they bank online, yes is the answer, do you know your bank security verbatim, no is the answer, guess where they keep it!

This is my “shot across the bow” to our new comers, secure you mobile devices it's an opportunist target. If you can manage your own information security, then you should be able to look after anothers persons information.

 

Advertisements

Leave a comment

Filed under Information Security, Mobile Device Security, Security Induction