Despite industry opposition and a failed first attempt, California’s governor signed into law a bill that requires smartphone manufacturers to install and enable kill switch functionality on all smartphones sold after July 1, 2015. Though California isn’t the first state to enact a killswitch law – Minnesota enacted a similar law back in May – it’s the first to require that the kill switch be enabled by factory default. Opponents of the law were quick to point out that any state’s effort to enforce this capability are redundant, as many smartphones already have this functionality, and it is quickly becoming a standard for all manufacturers. Both Apple and Samsung feature some variation of activation locking that prevents stolen phones from being used, but as the authors of the California bill were quick to point out, having it available and actually enabling it are two different things.
What this means for you:
Even if you aren’t a California or Minnesota resident, it’s possible you already own a phone that has some form of kill switch capability, especially if the device was made in the past two years. Even if you are one of the careful 9 out of 10 people who hasn’t had a smartphone stolen, you should enable any kill switch and anti-theft capabilities your phone has to offer, including putting a passcode of some form on your phone. Misplacing a phone could be just as devestating without it, and even though it wasn’t technically “stolen”, no kill switch means that a less scrupulous individual just got a brand new smartphone for free. You should also enable recovery and theft prevention features on any tablet you own – both iOS and Android offer location and security as standard features of the OS – and keep in mind that California’s law only applies to smartphones, not tablets.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
The winter holidays are upon us, and with them comes the shopping, traveling and general merry-making. Law enforcement is also warning about the increasing rate of smartphone thefts as criminals take advantage of the increased distraction, armfuls of packages and winter clothing to abscond with devices they know most people carry and use these days. Though you can do a lot to lower your profile as a potential victim, its an virtual guarantee that a certain percentage of you will have your phone stolen or lost, and aside from the loss of the device itself, your data could also be exploited to your further detriment if your device isn’t properly safeguarded against possible theft. CNET has a comprehensive article detailing how you can secure your data and increase your chances of recovering your iOS, Android or Windows smartphone in case it is stolen, but if you are in a hurry (and who isn’t, these days?), I’ll provide a summary of the basics below.
What this means for you:
For all phones:
- Use a pin, password, or fingerprint to lock your phone.
- Encrypt your phone data. iPhones and Windows Phones do this by default, but it must be enabled manually on Android devices.
- Back up your critical data, whether it’s contacts, emails or photos.
For iPhone Users:
- Disable access to any features made available through the lockscreen, such as dialing and texting via Siri.
- Set up an iCloud account and enable “Find my iPhone” so that your device can be tracked in case of loss or theft.
For Android Users:
- Disable access to lock screen features.
- Setup Android Device Manager and make sure tracking and control of your device is enabled.
- If you use a microSD card, be aware that it cannot be wiped remotely like the phone’s internal memory (but it can be encrypted).
For Windows Phone Users:
- Sit back and relax, as tracking is enabled by default and the lock screen doesn’t allow access to anything.
The article is really worth reading. If you truly are pressed for time, skip to the part that is pertinent to your specific phone platform. The author provides much more detail on how each tracking system works, as well as what the systems can and can’t do. It may mean the difference between having a happy holiday or a blue Christmas if (when) you get separated from your smartphone.
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
Thanks to the commoditization of computer hardware, it’s possible to buy a serviceable laptop that costs less than $500 brand new. This has resulted in many companies relaxing the restrictions they had on their purchase and use, but a small healthcare provider in North Idaho learned a harsh lesson that hardware costs are the least of their worries when it comes to losing a laptop. The Hospice of North Idaho recently had a laptop stolen that contained unencrypted, sensitive personal information on over 400 of their patients, and because this is a violation of the Health Insurance Portability and Accountability Act, the Department of Health and Human Services is slapping the non-profit hospice with a $50,000 fine.
What this means for you:
Even if you aren’t a healthcare provider, being aware of the data on your company’s laptops should be a top concern, regardless of whether you think the data doesn’t fall into the protected class outlined by HIPAA. Mobile electronics, like laptops and smartphones are a prized target of thieves, on top of being ridiculously easy to damage and/or misplace all on their own. If your laptops are used heavily on the road, you should consider encrypting some or all of the data on the device, as well as making sure employees are using physical security devices like cable locks whenever the laptop is set down for more than 5 minutes, even if in a “secured” working environment. If your smartphone has access to any company or customer data, you should have auto-locking enabled and at least a 6-digit pin or password to unlock it. Cable locks won’t stop a determined thief, but it will deter most casual theft, and data encryption + passwords will make sure you never have to have that meeting with a client (or worse, a prospect) to let them know that their data might be at risk.
Image courtesy of “cooldesign” / FreeDigitalPhotos.net