Security Director Alert - Time to Update Your BYOD Policy (You do have one don't you?)

According to Alcatel-Lucent’s Motive Security Labs, around 16 million mobile devices are already infected by malicious software designed to spy on users and steal confidential data.

This form of malware is capable of tracking the phone and its owner’s location, monitoring ingoing and outgoing calls, text messages and emails, as well as tracking web browsers.

Cyber-criminals are now targeting Android devices with infection rates for Android and Windows devices estimated to be split 50/50.

Many multinational firms, however, still employ an unmonitored bring-your-own-device (BYOD) policy. This frequently means key staff are connecting to the corporate communications network via unsecured smartphones. It has also led to a situation where staff access social networking sites and audio/visual entertainment of all kinds, exposing them to a growing number of malware attacks. more

BSI Publishes Study on Enterprise Mobile Device Security

BSI, the German Federal Office for Information Security, has published a report on "Enterprise mobile device security" (in German*) that provides a comprehensive overview on the current risks associated with the deployment of mobile devices in an enterprise context.
The report... covers Apple iOS, Google Android and Blackberry devices, taking a hard look at the current generation of hardware and software and the resulting dependencies on a limited number of key suppliers.

The study identifies key risk areas associated with the deployment of mobile devices in an enterprise context... and makes the case for doing so only in the context of a well-defined framework of organizational and technical measures that secure the enterprise against industrial espionage and other kinds of attacks. 

* An English version may be available. Ask at ESD America. 
Audio interview about Cryptophone, a high security cell phone ≈ 6 min.

Mobile Phone Use a Significant Security Risk for Companies

New research suggests that companies are leaving themselves open to potentially serious security and legal risks by employees’ improper use of corporate mobile devices.

Buy them the Cone of Silence.

Experts from the University of Glasgow looked at a sample of mobile phones returned by the employees from one Fortune 500 company and found that they were able to retrieve large amounts of sensitive corporate and personal information. The loss of data such as this has potential security risks, inviting breaches on both an individual and corporate level.

A University of Glasgow release reports that the data yielded by this study on thirty-two handsets included a number of items that could potentially cause significant security risks and, lead to the leakage of valuable intellectual property or exposed the company to legal conflicts. (more)

Business Secrets Leak via Personal Devices

The smartphone revolution opened the floodgates to the BYOD (bring your own device) trend among workers... 

More than half of information workers own the devices they use for work, according to Forrester Research, which surveyed almost 10,000 people in 17 countries, and that proportion is likely to increase, says David Johnson, a senior analyst at Forrester.

The groundswell caused many IT directors to simply throw up their hands. A study published last November by Kaspersky Lab, a digital-security firm, found that one in three organizations allowed personal cellphones unrestricted access to corporate resources—with troubling consequences. One in five companies in the same survey admitted losing business data after personal devices were lost or stolen. (more)

The pressure is on manufacturers to come up with better security features. 
"Certified for Business Use" has a nice value-added ring to it.

FREE - BYOD Policy Guidebook

Bring Your Own Device (BYOD) Policy Guidebook 

This policy guidebook was created to help guide you through the questions to ask and provide some best practices to consider when establishing your own BYOD policies. 

Your employees want to use their own mobile devices for work. This represents a tremendous opportunity for you to extend the benefits of mobile technology to all employees. As more companies embrace the Bring Your Own Device (BYOD) model, many questions arise. 

Offered Free by: SAP  (more)