The smart phone has changed our behavior, sometimes for the better as we are now able to connect and engage with many more people than ever before, sometimes for the worse in that we may have become over-reliant on the connectivity with the outside world that these devices afford us. Either way, there is no going back for the majority of users who can almost instantaneously connect with hundreds if not thousands of people through the various social media and other applications available on such devices and not least through the humble phone call.
However, our dependence brings anxiety. The loss of one’s smart phone not only represents an immediate disconnection from one’s online contacts but is also a potential privacy and security risk should the lost phone wend its way into the hands of a malicious third party. Writing in the International Journal of Mobile Communications, a Canadian team outlines the possible coping mechanisms that might be needed following loss or theft and the security problems that the user might face. The researchers point out that the same anxieties apply equally to lost or stolen laptops, tablet computers and other digital devices.
Zhiling Tu, Yufei Yuan and Norm Archer of McMaster University in Hamilton, Ontario, explain that the convenience of mobility, wireless communication and the information processing power of smart phones and other portable digital devices has led to more and more people carrying with them valuable data assets wherever they go. These assets may include personal and business contacts, private pictures and videos, meeting and lecture notes and the like, banking details, utility statements, company spreadsheets and much more. All such assets are potentially sensitive to abuse by third parties.
The researchers add that as many companies now have a BYOD (bring-your-own-device) policy rather than dispensing a standard corporate device to all employees there are additional security issues that arise from their being centralized control of the data on a given device. The value of lost hardware might be negligible when compared to the loss of sensitive or proprietary data. Perhaps more troubling is that while there are various countermeasures that can be used to cope with mobile device loss and theft, users are either unaware of their existence or unwilling to use them. The cost and convenience of security countermeasures also need to be weighed up.
The team has investigated how general mobile phone users might not cope with the threat of losing their device. They found that a few active and security-conscious users were aware of countermeasures but many users were either not aware of “time bomb” data deletion settings and remote device locks and such or were simply in denial of the risk of their losing their phone. Their findings suggest that an awareness campaign might be needed to encourage general users to make their devices more secure and that organizations must enforce certain features on their employees and members to protect sensitive data that might be on those devices beyond their direct control.
Tu, Z.L., Yuan, Y.F. and Archer, N. (2014) ‘Understanding user behaviour in coping with security threats of mobile device loss and theft’, Int. J. Mobile Communications, Vol. 12, No. 6, pp.603–623.