It seems we can't go a day lately without a new story about some security screw-up involving a lost or misplaced Blackberry. This week, officials with John McCain's campaign mistakenly sold a Blackberry to a Fox television reporter for $20 in a fire sale. The device contained confidential campaign information. And many Hollywood gossip publications were abuzz earlier this month with news that Tom Cruise had lost his Blackberry while promoting a movie in Toronto. (Mixed reports now peg the device as either "found," or "never lost in the first place.")
With all of these slip-ups, it's no wonder White House officials want President-Elect Barack Obama to relinquish his Blackberry before taking office. With this in mind, CSO asked Dan Hoffman, author, mobile security expert and CTO of SMobile Systems, for his advice on ways to keep your Blackberry safe.
Treat your Blackberry like a PC is a mini computer, said Hoffman.
You wouldn't shop online, open email attachments and check your bank account on your PC without having the proper firewalls, anti-virus and anti-malware protections in place, would you? So, why are you doing it with your Blackberry? A Blackberry
"The perception that viruses and malware are not a problem on Blackberries is out dated," said Hoffman. "The reason we don't hear about widespread infections is because the nature of malware has changed. Infections used to be done for fun and notoriety. Now these crimes are financially motivated."
Without software that can scan for problems and update virus definitions, Blackberry owners are being quietly infected without even knowing it, said Hoffman. And the creepiest part of that news is that the most popular type malware currently seen on Blackberries is spyware, according to Smobile Systems research.
"Spyware can intercept every email and text message that goes in and out of the device. And it can remotely turn on the phone and listen in on conversations," said Hoffman.
Watch your back
Does this sound familiar? You are killing time during a layover in Dallas and are housekeeping on your Blackberry: Checking and responding to work emails, making important work-related calls. Maybe you are even checking your bank account.
"I can't even tell you how much personal and sensitive information I've inadvertently seen or heard over the years because of what people were doing with their mobile devices," said Hoffman.
Hoffman recounts a recent flight where he sat directly behind a Blackberry user who was organizing all of his passwords and entry codes.
"I could see everything though the seats," said Hoffman.
Hoffman's point? Be discreet. Keep your private information private by taking care of business in a place where prying eyes can't see. And keep the conversations in front of people to a minimum. Besides risking a potential breach, you also risk annoying your neighbor.
Keep it on you!!
This sounds like the most obvious piece of advice, but, as Hoffman points out, this is where most of the trouble begins for Blackberry owners.
"They are small and just left everywhere," noted Hoffman.
Popular places for slip-ups and loss include bars and restaurants where users place the device on a table or a bar, get into conversation and forget about. This not only opens up the possibility of leaving it behind, but also for theft. Even a temporary theft can be damaging. The bad guy can either obtain sensitive data or install a Trojan horse within a matter of seconds once the device is in hand, said Hoffman.
Have back up
Ok, so you didn't follow the last step and now you have idea where your Blackberry is located. What can you do? It depends on if you have prepared for this scenario.
If it's a corporate device and you work for a company with an enterprise Blackberry server, contact IT immediately. They can remotely lock or wipe the device. If it is your personal Blackberry, or if your company doesn't have that kind of support, consider installing software that gives you this kind of capability. Investing in a program that gives you remote access means you can lock the device so others can't get into it. You can also back up the information you have stored on the Blackberry and wipe it clean if you think it is lost permanently.
The investment, said Hoffman, means a lost device is simply a lost device, a piece of hardware. If you act quickly enough, it won't mean the loss of sensitive corporate data.
Utilize encryption encryption is there, said Hoffman. Users simply need to activate. But many unfortunately do not.
On RIM devices,