Bret Ellis - Vice President for Information Technology


Bret Ellis, Weber State University
Contact
(801) 626-7889
Email
Bio

Smartphone Security All Year

MESSAGE FROM THE VP OF IT


For my contribution to IT’s News this month, I thought I would focus on smartphone security. It seems that having a smartphone (or two) is becoming the norm. Recently I was making a presentation to executives about the topic of smartphone security. I queried them about what they considered elements of smartphone security, how many apps they had downloaded to their devices and how much they understood about the app permissions they were agreeing to when they downloaded the app.

I shared with the audience the essence of two articles* I found that I believe were helpful in addressing the important elements of smartphone security and what app permissions mean. Of the ten listed in the FCC article, I’ll highlight five of the ten I believe are somewhat new and valuable.

Set PINs and passwords.

Though really inconvenient to type in a pin or password frequently, the first time you misplace your phone or if it’s taken, you’ll have a bit of comfort knowing the phone‘s contents are safe for a while...until you can employ the apps you’ve installed in step 6 below.

Understand app permissions before accepting them.

As an Android user, I use a free product called Clueful. It dynamically reviews my installed apps and lets me know which ones are most risky with sharing my personal information. I frequently uninstall apps after learning how much information I’m sharing with the developer of a particular app...most often because I don’t believe that app needs that information for it’s function.

Install security apps that enable remote location and wiping.

This one may be the most interesting of all the developments recently for me. So many features are applicable for security and peace of mind, and especially for those who frequently leave their phone at their last appointment, meeting, or even under the couch cushion. A caveat of remote wiping, however, is a phone that hasn’t been backed up frequently creates little solace when you employ the remote wipe feature.

Wipe data on your old phone before you donate, resell, or recycle it.

Occasionally I come across discarded smartphones...frequently due to replacement by a newer model. Wow, the amount of personal and private data left on these phones is scary and occasionally embarrassing. Before moving onto the next greatest smartphone model, take care to reset the phone before the battery is dead, the power adaptor is missing, or before it’s donated to local thrift store.

Report a stolen smartphone.

With the ubiquitousness of smartphones today, occasionally lost, misplaced or stolen phones go unreported. This is not only a privacy risk but also could be a credit risk if the phone is still active and able to conduct transactions or represent you when not in your possession.

We need to be more vigilant and informed every month about our options of security, in order to protect our privacy and data the best we can.

*The full articles can be found here: http://www.fcc.gov/sites/default/files/smartphone_master_document.pdf and www.lifehacker.co.uk/2014/08/10/app-permissions-mean-plain-english

Dr. Bret Ellis: Vice President of Information Technology