Phone Hacking: Prevention and Protection

Media_httpfarm6static_htbfn

The demise of the News of the World and on-going stories of phone hacking reveal the prevalence of this despicable practice.

As reports have shown, you do not have to be a celebrity to be a phone hacking target by unscrupulous individuals.  My advice, therefore, to anyone with a mobile is to protect and safeguard privacy with a PIN.

Hackers take advantage of apathy on the part of mobile phone users, their naivety or lack of knowledge.  If you have never set a PIN on your Voicemail you will be accessing messages through your mobile’s default number.  This is usually a simple four digit PIN such as 0000 or 1234. Here’s how phone hacking basically works.

A hacker can call your mobile directly, or via the mobile network’s specific access number.  Remember your mobile number may be in the public arena in a variety of ways (printed on your business cards/letterheads or available through social media networks).  Having dialled your mobile,  the hacker will then guess at your easy default PIN to access your messages.  These may be highly personal or contain important professional information.  Hackers can listen to new and saved messages and delete them.  

Essentially, the ease in accessing Voicemail means you cannot necessarily tell if your mobile has been hacked.  You would, however, have suspicions raised if someone you knew mentioned they had left you a message which you could not find on Voicemail.  This would indicate it had been deleted by a hacker.  You would also be suspicious if a message accessed by a hacker but not deleted was saved before you had actually listened to it.

If you have not already done so, set a PIN on your Voicemail now.  Choose at least four random numbers and avoid guessable dates of birth, or repetitive sequences such as 1212.  If you only ever access your Voicemail via your mobile you do not need to memorise your PIN as you can change it at will.  However, there are practical benefits to keeping and remembering it.  If you forget to take your mobile with you, or its battery is flat, you can still access its Voicemail messages from a landline via your secret PIN.  The added benefit being that no-one else can.

The major mobile networks have different methods for setting Voicemail PINs as explained recently in The Telegraph.

Contact me if you experience any difficulties and/or need advice in setting a Voicemail PIN on your mobile.

Image Credit: yisris

Mobile Phone Data Security

Media_httpwwwbusinessmobilephonenetblogwpcontentuploads200907firstmobilephonejpg_gvajwwdawddfxce

Mobile phones make life very easy on the one hand, and very difficult on the other. Here's why.

A study by TAXI, the magazine for the Licensed Taxi Drivers Association, revealed that during a six-month period a staggering 63,135 mobile phones were mistakenly left in London cabs.  If they contained customer data and information that was not secure, then their owners could find themselves in breach of the Data Protection Act.

MOBILE PHONE DATA SECURITY

Mobile phones are common tools of the trade now for many businesses. However, in recent years these devices have become much more sophisticated. Many have the capacity to store over one million emails, as well as contact details of an entire customer base and other sensitive information, such as word documents and spreadsheets.

Awareness
Think how important the data on your mobile phone is.  Be aware, too, that if your employees are equipped with a company mobile phone, they must similarly be conscious of the importance of any stored information and contact details.  We strongly recommend that you look at your own mobile device security strategy, and that of your company. 

Precautions
As a first step you should note down your mobile device’s IMEI (International Mobile Equipment Identity) number. This is often found underneath the battery and your mobile provider will require it when you report the loss or theft of your mobile.  This should be a mandatory safety measure for all staff with company mobiles.

Seven Steps to Take
Here are some of the other things you should consider in formulating your mobile security strategy:
  • Enable the “Automatic Lock” function on your device, and set the lock period to the minimum time
  • Enable the “Require Pin” function or, if the option is available, the lock device on SIM card removal 
  • If you use memory cards, enable the “Encrypt External Storage” option if supported by your device
  • Only store essential names, numbers and documents on your mobile phone
  • Check with your mobile provider if your device supports “Remote Wipe”, and know how to implement this
  • Keep your mobile provider’s number handy as they can disable your phone when you give them your IMEI 
  • Be prepared to notify the Information Commissioner and your customers if a mobile device with customer data is lost/stolen
Further Action
There may be other things specific to your business that you need to think about, and you may need to create a workplace policy to ensure all staff are aware of the implications of storing data on mobile devices.