SlideShare a Scribd company logo

Mobile and SIM data - quantifying the risk - 2011

CPPGroup Plc
CPPGroup Plc
Technology
1 of 15
Download to read offline
Mobile and SIM data – quantifying the risk A CPP white paper March 2011
Contents 1.1 Foreword 1.2 Background News 1.3 Research methodology 1.4 Key Findings - Over half of used mobile phones and SIM cards contained personal information - Half of second hand mobile phone owners admitted they have found personal information from a previous owner - The vast majority of people (81%) claim to have wiped their mobile or SIM card before selling them - 58 per cent have sold or given away an old mobile phone or SIM card with the average resale price of £47 - Manually wiping the data was the most common method to delete information 1.5 Conclusion 1.6 Safeguarding your mobile data 1.7 Further Information 1.8 About CPP Mobile and SIM data - quantifying the risk March 2011
Introduction 2 1.1 Foreword This report is intended as a reference document to highlight the potential threat of storing sensitive information on mobile handsets and the dangers of uncontrolled disposal of unwanted or used SIM cards and mobile phones. The review is also intended to generate public awareness of the increased risk of using a mobile device as a storage medium and to encourage people to think long and hard about what they as individuals or business employees may be forfeiting in the name of security. The report also highlights a number of potential security vulnerabilities associated with storing sensitive information on a mobile device and recommends ways to avoid being a victim of data loss. The mobile phone has become a technologically advanced device that offers a large host of features above and beyond its traditional use as a communications device. Almost every mobile phone now features some sort of ability to store and record information, or the ability to take either still photographs or capture video. Additionally, the mobile phone may also be equipped with a voice recorder, allowing the user to record sounds and voices. In some cases these features will be used to store sensitive information such as passwords, bank account information and other personal data. With the continued increase of data storage capacity on mobile handsets, there is a reciprocal increase in the threat these devices pose to our identities via the loss of sensitive information through malware or even loss and theft. This situation raised concerns with CPP, who were worried that such information may not be completely or securely removed prior to disposal and therefore present a real and present danger to people’s identities and companies confidential information. Mobile and SIM data - quantifying the risk March 2011
3 1.2 Background News - “In another sign that attackers continue to target the mobile sector, it has been revealed that more than 50 apps on Google’s Android market were infected with malware. The apps, which had been available on Google’s Android Market, were said to contain rootkit malware ‘DroidDream’, which can take command of a mobile handset and send personal details to the remote server.” (source: eWeek Europe, March 2011) DroidDream - “The Zeus malware specifically targeting the Blackberry OS is currently detected by Trend Micro BBOS_ZITMO.B. Once installed, the Trojan removes can take itself from the list of applications, in order to effectively stay under the radar.” (source: Finextra.com, March 2011) command of - “As many as 8 in 10 web browsers are vulnerable to hackers and criminals because they are not kept up-to-date, researchers have found. The vast a mobile majority of users are not following the basic precaution of installing patches for known security holes, making them a relatively easy prey for identity thieves handset and and other attackers.” (source: Daily Telegraph, February 2011) - Whether you’re travelling with a laptop, netbook, smartphone, iPad or all of the send personal above, the risks and defences against them are basically the same, according to Joe Nocera, an information security expert and a principle with details to the PricewaterhouseCoopers. “Many of the security concerns that people think about when they think about their personal computers are applicable in the remote server mobile world. As mobile devices become more sophisticated, they lend themselves to the same types of access to e-mail, passwords, and other secure information that PCs have done in the past”. As specific mobile devices become more popular, they become more of a target for hackers. “Five years ago, the vulnerabilities were Microsoft-based and targeting PCs. Apple tended not to be targeted so often”, say Nocera. “But, in the last year and a half or so, we’re seeing a shift. More and more often we’re seeing either Android or iPhone-based vulnerabilities being targeted. We predict that by 2014 you’ll see those types of vulnerabilities being the most targeted as more and more users go to those mobile devices.” (source: ComputerworldUK, March 2011) - Recent research has revealed the global market for mobile internet will continue to grow rapidly, and reach one billion users by 2015 according to the independent analyst house Ovum (source: Visualsoft, February 2011) Mobile and SIM data - quantifying the risk March 2011
4 1.3 Research Methoodology CPP commissioned research in 2011 to establish how much personal data was accessible on used mobile handsets and SIM cards. The research took two forms: 1. ICM interviewed a random sample of 2,011 adults aged 18+ online between 16 – 18 February 2011. Surveys were conducted across the country and the results were weighted to the profile of all adults. ICM is a member of the British Polling Council and abides by its rules. Further information at www.icmresearch.co.uk 2. A live experiment was also carried out in February 2011. Commissioned by CPP, ethical hacker, Jason Hart, conducted a number of reviews relating to the data contents of re-sold used mobile devices and SIM cards within the United Kingdom with the objective of the review being: - Understand if sensitive information has been left on resold mobile devices - Understand what type of information is stored - To see if information can be recovered from resold mobile device even if the mobile device has been deleted by using software freely available on the internet - Understand what information can be found on used SIM cards - To evaluate whether any information found on a mobile device and or SIM could be used to conduct any form of identity theft against the original owner of the device and or SIM It is important to note that at no point during this experiment was any unauthorised access or sensitive information used against the original owners of the devices or SIM cards. All data found on the mobile phones was deleted – either manually or by using the forensic software to remove and destroy the information. The SIM cards were destroyed. 35 used mobile phones and 50 SIM cards were analysed using the following techniques: - A mobile phone SIM reader (a standard SIM reader that can be purchased from most electric stores) - SIM recovery software - Forensic examination software - mobile forensic software that analysis mobile phones, smartphones and PDAs for data. A total of 35 phones were acquired for the investigation based on the following methods: Method Total Purchased via private seller on ebay 5 Purchased from a number of used mobile business 20 Acquired from people giving away their mobile phones for free 10 Mobile and SIM data - quantifying the risk March 2011
5 In addition to acquiring mobile phones we wanted to understand the level of potential threat of used SIM cards during the investigation. We therefore acquired 50 SIM cards by the following methods: Method Total High street mobile phone stores 30 Aquired from purchase of used mobile phones 10 Requests to general public 10 The following process was used in the conducting of the investigation: - Removal of the SIM (if present) and any media cards - Inserting SIM cards into the SIM reader and extracting any contacts and SMS messages - Inserting media cards into a card reader to extract any information - A manual inspection of the device contents via the user interface - Confirmation if data had been deleted prior to purchase - A logical acquisition of data stored on the handset using forensic examination software In using the above software and hardware we focused the investigation on analysing the data recovered, recording the number of information items and classifying them as personal or business and indicating whether the information could be regarded as sensitive. Each phone and SIM card was examined. In addition, the investigation was primarily focused on the following data categories: - Passwords - Usernames - Bank details - Photos - Notes - Contacts - Credit cards numbers - Video - E-mail addresses - Company information - SMS - E-mails Mobile and SIM data - quantifying the risk March 2011
6 1.4 Key Findings Over half of used mobile phones and SIM cards contained personal information The investigation revealed a worryingly high number of used mobile phones and SIM cards contain some element of personal information left by previous owners. In a number of cases the data left on the mobile or SIM card was highly sensitive. More worryingly, in some cases, the previous owners had believed that they had deleted the content - but it was still easily and quickly recoverable. In relation to the review of mobile phones and SIM cards, below is a summary of the findings. Data Content Total Findings Passwords 3 Usernames 6 Bank details 2 Photos 14 Notes 7 Contacts 35 Credit card numbers 1 Video 19 Email address 17 Company information 4 SMS 139 From just 35 phones and 50 SIM cards a total of 247 pieces of data personal data was easily recovered, including password and bank details. Of the data recovered, over 75 pieces of information were personal in nature and over 13 were highly sensitive including nudity, pornography, bank account details, passwords and sensitive company information. This latter information was enough to commit both personal and company identity fraud. Data was left on 19 of the 35 mobile phones and 27 of the 50 SIM cards. Separately in supporting consumer research via a random sample of over 2,000 UK adults, when we asked people what information they currently have on their mobile phones, the range of personal information was widespread. Whilst we would expect people to carry names (66%), photos (57%), diary dates (36%) and music (36%), some respondents admitted to carrying social networking log in details (14%), work e-mails (6%), PIN numbers (4%), online banking details (2%) and bank account information (2%). Mobile and SIM data - quantifying the risk March 2011
7 34% of 18-24 year olds claim to store social networking log in details on their mobile handsets and six per cent of 25-34 year olds PIN numbers. With mobile data usage increasing all the time, the value of products that provide a complete data back up and remote lock and wipe of all data is clear and would address a very real consumer requirement. Half of second hand mobile phone owners have admitted that they have found personal information from a previous owner In the supporting consumer research, half of second hand mobile owners have admitted they found personal information from a previous owner on the mobile and SIM cards that they have purchased second hand. This is consistent with the results of the live experiment where 54% of mobile phones and SIM cards contained personal information. Phone numbers were the most common form of data left on the handset, but text messages (26%), names (24%) and multi-media (music, videos and photographs) were also prominent. Seven per cent of people claimed to have accessed e-mails, three per cent social media log in details and two per cent bank information. 49 per cent of people who had bought a second hand mobile said they did not find any personal information. Again, this claimed behaviour is broadly consistent with our analysis of the used mobile phones and SIM cards whereby 46% of the handsets did not contain sensitive personal information. Q: Have you ever found any of the following information from a previous owner on a second hand mobile phone you bought? 50% 49% 40% 31% 30% 26% 24% 21% 20% 10% 7% 2% 3% 1% 1% 1% 0% All who have bought a second hand mobile phone or SIM Phone numbers Security information e.e. passwords, pin numbers etc Names Multimedia - music, videos, photographs Bank details Other types of information Social networking log in details No E-mails Don’t know Text messages Mobile and SIM data - quantifying the risk March 2011
8 The vast majority of people (81%) claim to have wiped their mobile or SIM card before selling them Most worryingly 81 per cent of people claim to have wiped their mobiles before selling them, with 60 per cent confident they wiped everything from their mobile handset or SIM card. This conflicts with the experiment that showed over half of mobile handsets and SIM card had retrievable personal data. Men (61%) were marginally more confident than women (58%) that they had deleted all their personal information. Those aged 35-44 (66%) were more confident than those aged 65+ (48%). Nine per cent of people who have sold their mobile or SIM cards were not confident they had wiped their phone or SIM fully. Q: Thinking about when you sold your SIM or mobile phone, which of the following describes what you did about wiping (removing all personal information, media files etc) 81 per cent your SIM or phone? of people 80% claim to have 70% wiped their 60% 61% 58% mobiles 50% before selling 40% them 30% 20% 17% 13% 11% 9% 9% 8% 9% 8% 7% 6% 10% 5% 3% 0% Male Female All who have sold a second hand mobile or SIM card I was advised by the company I sold it to to wipe my phone or SIM I was advised by friends or family to wipe my phone or SIM I am confident I wiped my phone or SIM fully I am not confident I wiped my phone or SIM fully I did not wipe my phone or SIM Not applicable Don’t know Mobile and SIM data - quantifying the risk March 2011
9 58 per cent have sold or given away a used mobile phone or SIM card with the average resale price of £47 When upgrading and disposing of redundant mobile phones and SIM cards, the most popular method of disposal is to give the phone or SIM to a friend or family member (30%). 19 per cent claimed to have donated it to a recycling company and nine per cent sold it to an online shop or via an online audition site like eBay. Seven per cent said they threw it in the bin and five per cent sold it to a friend or family member. Three per cent said they had sold it to a second hand shop. Women were more likely to have given it to a friend or family member or to have donated it to a recycling company. Men on the other hand, were more likely to dispose of their mobile phone or SIM card by selling it online or to a friend and family member or disposing of it in the bin. Those aged 25-44 were the most likely to sell a mobile handset or SIM card via an online shop or through an online auction site like eBay. When we asked people how much they had sold a mobile phone or SIM card, the mean price was £46.60. When you consider that over half the mobile phones and SIM cards in our experiment contained personal information, it would seem that people are inadvertently selling their personal information for a very low price. Those aged 25-34 sold their devices for a mean price of £57.26 verses £31.48 for people aged 65+. The sophistication of handset will have influenced this higher used retail price. Q: Have you ever sold or given away an old mobile phone or SIM card in the following ways? 40% 37% 35% 35% 32% 30% 28% 25% 21% 20% 17% 15% 10% 9% 9% 10% 8% 8% 7% 6% 4% 4% 5% 3% 3% 3% 3% 1% 0 Male Female All Respondents Gave it to a friend or family member Sold it to a friend or family member Donated it to a recycling company Sold it to a second hand shop Sold it to an online shop I have never given away or sold an old mobile phone Sold it on an online auction website e.g. eBay I have never owned a mobile phone Thrown it in the bin Other Mobile and SIM data - quantifying the risk March 2011
10 Manually wiping the data was the most common method to delete information Three quarters (78%) who have wiped their mobile phone or SIM card before selling it on have relied on manually completing this – a process that security experts acknowledge leaves the data intact and retrievable. Using a factory reset on a mobile phone may seem to be the easiest precaution before disposing of the device, but factory resets are far from permanent, since they only delete the header information to your data and allow software to recover the original data. 38% claimed to have performed a hard reset of the device and 4% used a third party software application. Women (82%) were more likely to manually delete information than men (78%), whereas Factory more men are more likely to use third party software or perform a hard reset of the device – all of which are not absolutely secure methods. resets are 18-24 year olds were the most likely (56%) to perform a hard reset of the mobile phone. far from Q: Which ‘wiping’ method have you used? permanent, since they 100% only delete 80% 82% the header 74% information 60% to your data 42% 40% 34% 20% 7% 3% 1% 1% 1% 1% 3% 0% 0% Male Female Wiping Method Erased all data yourself from the handset manually Performed a hard reset of the device Used a third party software application Other type of wiping method Not applicable - didn’t wipe my phone or sim Don’t know Mobile and SIM data - quantifying the risk March 2011
11 1.5 Conclusion This investigation shows that that most people are totally unaware of the issues of storing information on mobile devices. The core issues are as follows: - The report has confirmed users are unaware that in some cases personal data is still obtainable from a devices after the user has deleted content from the mobile device - Most mobile phones do not allow the user to totally delete all personal content or user data - The ability to recover deleted data from a mobile is a very simple process using the correct tools and with limited technical knowledge The surge in - It was very clear from the investigation that smartphones hold far greater information about the user and leave a much larger footprint compared to older mobile phones smart - The investigation showed getting SIM cards can be a very simple process and phones will some mobile phone stores were happy to give away used SIM cards with no concern for the potential breach of privacy provide - The surge in smartphones will provide fraudsters with increased opportunities to defraud the handset owner and organisations that have sensitive information fraudsters stored on the handset. With the increasing penetration and use of smartphones for daily communication and with m-commerce with the evolution of near-field-communications, there is clearly a requirement for heightened awareness amongst consumers about the need for digital increased security beyond laptops and PCs. “Because today’s devices are so much more powerful and can hold so much more opportunities information than ever before, the risks are increasing”, says Martin Hack, information security expert and executive vice president of NCP engineering. “Add to that our to defraud tendency to carry both personal and business information around with us on the same device, and our mobile devices have never looked so appealing to hackers.” (source: the handset ComputerworldUK, March 2011). Whilst there has been no major detrimental impact on consumers to date, we could, one owner day, face a major security lapse as criminals increasingly target mobile applications for data. The Zeus virus that directed victims to a fake website where they were invited to download an application that then steals their banking details could be a sign of phishing attacks becoming a huge problem for smartphone users especially when mobile banking reaches a critical mass. The proliferation of applications for mobile devices makes their pre-screening increasingly difficult as they are becoming the primary way people access internet-based services. Recent research from Ovum predicts the global market for mobile internet will continue to grow rapidly and reach one billion users by 2015 and just fewer than 17% of this global population will access the internet exclusively via their mobile handsets. The provision of products that address the security implications of this transfer of personal data onto the mobile handset will meet a real consumer need and are more relevant than ever. Mobile and SIM data - quantifying the risk March 2011
12 1.6 Safeguarding your mobile data Danny Harrison is Head of Mobile Data Security at CPP and offers the following advice to consumers to help protect them from data loss. Danny has over ten years’ experience and is responsible for CPP’s mobile phone assistance and insurance products that insure against lost, stolen and damaged handsets, and also assists people in the event of lost data. Danny is media trained across print and broadcast and is available for media interviews on the issue of data security. If you are selling your mobile follow the below steps to reduce the risk of data transfer: - Restore all factory settings - this is the first step that you should take as it is the easiest precaution before disposing of the unit, but factory resets are far from permanent so follow the steps below to protect your data - Remove your SIM card and destroy it - Delete back-ups - even if your smartphone, PDA or laptop data is securely removed from the mobile device, it can continue to exist on a back up somewhere else - Log out and delete - make sure you have logged out of all social networking sites, emails, wireless connections, company networks and applications. Once you are logged out make sure you delete the password and connection - Various passwords - avoid using the same ID/password on multiple systems and storing them on your mobile phone, if you are going to store them on your phone use a picture that reminds you of the password - If you are selling your mobile phone ask for it to be wiped if you don’t know how to do it yourself - Don’t store vast amounts of personal information on your mobile phone/SIM if possible If you are keeping your mobile, the following tips should help keep your mobile secure: - Make sure your software is up-to-date – regularly check the manufacturer’s website for updated software patches or firewall updates - Leave the phones security setting as they are – most of the default browser settings are secure, so leave them as they are - Avoid unencrypted public wireless networks – only use encrypted networks which require an ID or password for access. WPA (Wi-Fi protected access) is the most secure. Paying to access a Wi-Fi network does not necessarily mean it is secure - Use websites beginning with ‘https’ not just ‘http’- it means any information you enter is encrypted - Turn off cookies and autofill – if your mobile device automatically enters passwords and login information into websites that you visit, turn that feature off. It is convenient, but it is a security threat - Be careful about what applications you download – be selective which ones you download. Take time to review some of the comments. Mobile and SIM data - quantifying the risk March 2011
13 1.7 Further Information For further information please contact: Nick Jones Head of Public Relations CPPGroup Plc Holgate Park York YO26 4GA www.cppgroup.plc Tel: 01904 544 387 E-Mail: nick.jones@cpp.co.uk Mobile and SIM data - quantifying the risk March 2011
14 CPP is an award- winning organisation: - Winner in the European Contact Centre Awards, Large Team of the Year category, 2010 - Finalist in the European Contact Centre Awards, Best Centre for Customer Service, Large Contact Centre of the Year categories, 2010 - Finalist in the National Sales Awards, Contact Centre Sales Team of the Year category, 2010 - Finalist in the National Insurance Fraud Awards, Counter Fraud Initiative of the Year category, 1.8 About CPP 2009 Corporate Background Information - Finalist in the European Contact Centre Awards, The CPPGroup Plc (CPP) is an international marketing services business offering bespoke Large Team and Advisor customer management solutions to multi-sector business partners designed to enhance of the Year categories, their customer revenue, engagement and loyalty, whilst at the same time reducing cost to 2009 deliver improved profitability. - Named in the Sunday This is underpinned by the delivery of a portfolio of complementary Life Assistance Times 2008 PricewaterhouseCoopers products, designed to help our mutual customers cope with the anxieties associated with Profit Track 100 the challenges and opportunities of everyday life. - Finalists in the National Whether our customers have lost their wallets, been a victim of identity fraud or looking Business Awards, 3i for lifestyle perks, CPP can help remove the hassle from their lives leaving them free to Growth Strategy enjoy life. Globally, our Life Assistance products and services are designed to simplify the category, 2008 complexities of everyday living whether these affect personal finances, home, travel, - Finalist in the National personal data or future plans. When it really matters, Life Assistance enables people to live Business Awards, life and worry less. Business of the Year category, 2007, 2009 Established in 1980, CPP has 11 million customers and more than 200 business partners and Highly Commended across Europe, North America and Asia and employs 2,300 employees who handle in 2008 millions of sales and service conversations each year. - Named in the Sunday In 2010, Group revenue was £325.8 million, an increase of more than 12 per cent over the Times 2006, 2007, 2008 previous year. and 2009 HSBC Top Track 250 companies In March 2010, CPP debuted on the London Stock Exchange (LSE). - Regional winner of the National Training What We Do: Awards, 2007 CPP provides a range of assistance products and services that allow our business partners - Winner of the BITC to forge closer relationships with their customers. Health, Work and Well-Being Award, 2007 We have a solution for many eventualities, including: - Highly Commended in - Insuring our customers’ mobile phones against loss, theft and damage the UK National Customer Service - Protecting the payment cards in our customers’ wallets and purses, should Awards, 2006 these be lost or stolen - Winner of the Tamworth - Providing assistance and protection if a customer’s keys are lost or stolen Community Involvement Award, 2006. Finalist in - Providing advice, insurance and assistance to protect customers against the 2008 insidious crime of identity fraud - Highly Commended in - Assisting customers with their travel needs be it an emergency (for example The Press Best Link lost passport), or basic translation service Between Business and Education, 2005 and - Monitoring the credit status of our customers 2006. Winner in 2007 - Provision of packaged services to business partners’ customers - Finalist in the National Business Awards, Innovation category, For more information on CPP click on www.cppgroupplc.com 2005 Mobile and SIM data - quantifying the risk March 2011

Recommended

Biometric System Penetration in Resource Constrained Mobile Device
Biometric System Penetration in Resource Constrained Mobile DeviceBiometric System Penetration in Resource Constrained Mobile Device
Biometric System Penetration in Resource Constrained Mobile Deviceijbbjournal
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?acijjournal
 
Emerging cyber threats_report2012
Emerging cyber threats_report2012Emerging cyber threats_report2012
Emerging cyber threats_report2012day4justice
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile SecurityTharaka Mahadewa
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET Journal
 
Why Managing Mobility Matters
Why Managing Mobility MattersWhy Managing Mobility Matters
Why Managing Mobility MattersDan Sharoni, MSTC, CSM
 
Hacking - how accessible is it?
Hacking - how accessible is it?Hacking - how accessible is it?
Hacking - how accessible is it?CPPGroup Plc
 
Blackberry playbook – new challenges
Blackberry playbook – new challengesBlackberry playbook – new challenges
Blackberry playbook – new challengesYury Chemerkin
 

Recommended

Biometric System Penetration in Resource Constrained Mobile Device
Biometric System Penetration in Resource Constrained Mobile DeviceBiometric System Penetration in Resource Constrained Mobile Device
Biometric System Penetration in Resource Constrained Mobile Deviceijbbjournal
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?acijjournal
 
Emerging cyber threats_report2012
Emerging cyber threats_report2012Emerging cyber threats_report2012
Emerging cyber threats_report2012day4justice
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile SecurityTharaka Mahadewa
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET Journal
 
Why Managing Mobility Matters
Why Managing Mobility MattersWhy Managing Mobility Matters
Why Managing Mobility MattersDan Sharoni, MSTC, CSM
 
Hacking - how accessible is it?
Hacking - how accessible is it?Hacking - how accessible is it?
Hacking - how accessible is it?CPPGroup Plc
 
Blackberry playbook – new challenges
Blackberry playbook – new challengesBlackberry playbook – new challenges
Blackberry playbook – new challengesYury Chemerkin
 
Info security - mobile approach
Info security - mobile approachInfo security - mobile approach
Info security - mobile approachEY Belgium
 
Mobile security - Intense overview
Mobile security - Intense overviewMobile security - Intense overview
Mobile security - Intense overviewPrivateWave Italia SpA
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2Santosh Satam
 
Puppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability ExploitsPuppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability Exploitsecarrow
 
Mobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksMobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksAIRCC Publishing Corporation
 
2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer ConferenceFabio Pietrosanti
 
Securing 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingSecuring 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingJay McLaughlin
 
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare GarlatiAPPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare GarlatiMasha Geller
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
Vulnerabilities in Mobile Devices
Vulnerabilities in Mobile DevicesVulnerabilities in Mobile Devices
Vulnerabilities in Mobile DevicesCSCJournals
 
Models of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictModels of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictZsolt Nemeth
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
Netop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop
 
776 s0005
776 s0005776 s0005
776 s0005oscarh1986
 
Cybercrimes
CybercrimesCybercrimes
CybercrimesElanthendral Mariappan
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devicesjraja01
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 
Review on mobile threats and detection techniques
Review on mobile threats and detection techniquesReview on mobile threats and detection techniques
Review on mobile threats and detection techniquesijdpsjournal
 
White Paper: Mobile Security
White Paper: Mobile SecurityWhite Paper: Mobile Security
White Paper: Mobile SecurityRogers Communications
 
Session7 Koch5
Session7 Koch5Session7 Koch5
Session7 Koch5ukabuka
 
Topc8 managingirr 3
Topc8 managingirr 3Topc8 managingirr 3
Topc8 managingirr 3elenacristinacondrea
 

More Related Content

What's hot

Info security - mobile approach
Info security - mobile approachInfo security - mobile approach
Info security - mobile approachEY Belgium
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2Santosh Satam
 
Puppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability ExploitsPuppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability Exploitsecarrow
 
Mobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksMobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksAIRCC Publishing Corporation
 
2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer ConferenceFabio Pietrosanti
 
Securing 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingSecuring 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingJay McLaughlin
 
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare GarlatiAPPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare GarlatiMasha Geller
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
Vulnerabilities in Mobile Devices
Vulnerabilities in Mobile DevicesVulnerabilities in Mobile Devices
Vulnerabilities in Mobile DevicesCSCJournals
 
Models of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictModels of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictZsolt Nemeth
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
Netop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devicesjraja01
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 
Review on mobile threats and detection techniques
Review on mobile threats and detection techniquesReview on mobile threats and detection techniques
Review on mobile threats and detection techniquesijdpsjournal
 

What's hot (20)

Info security - mobile approach
Info security - mobile approachInfo security - mobile approach
Info security - mobile approach
 
Mobile security - Intense overview
Mobile security - Intense overviewMobile security - Intense overview
Mobile security - Intense overview
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2
 
Puppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability ExploitsPuppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability Exploits
 
Mobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksMobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing Attacks
 
2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference
 
Securing 3-Mode Mobile Banking
Securing 3-Mode Mobile BankingSecuring 3-Mode Mobile Banking
Securing 3-Mode Mobile Banking
 
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare GarlatiAPPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environment
 
Vulnerabilities in Mobile Devices
Vulnerabilities in Mobile DevicesVulnerabilities in Mobile Devices
Vulnerabilities in Mobile Devices
 
Models of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictModels of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber Conflict
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revista
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's Enterprise
 
Netop Remote Control Embedded Devices
Netop Remote Control Embedded DevicesNetop Remote Control Embedded Devices
Netop Remote Control Embedded Devices
 
776 s0005
776 s0005776 s0005
776 s0005
 
Cybercrimes
CybercrimesCybercrimes
Cybercrimes
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devices
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol review
 
Review on mobile threats and detection techniques
Review on mobile threats and detection techniquesReview on mobile threats and detection techniques
Review on mobile threats and detection techniques
 
White Paper: Mobile Security
White Paper: Mobile SecurityWhite Paper: Mobile Security
White Paper: Mobile Security
 

Viewers also liked

Session7 Koch5
Session7 Koch5Session7 Koch5
Session7 Koch5ukabuka
 
Transfer Pricing & ALM Validations
Transfer Pricing & ALM ValidationsTransfer Pricing & ALM Validations
Transfer Pricing & ALM ValidationsAhmed Srour
 
Session8 Koch6
Session8 Koch6Session8 Koch6
Session8 Koch6ukabuka
 
8. new advanced_alm_2011.10.8
8. new advanced_alm_2011.10.88. new advanced_alm_2011.10.8
8. new advanced_alm_2011.10.8feelcool
 
Measuring risk essentials of financial risk management
Measuring risk essentials of financial risk managementMeasuring risk essentials of financial risk management
Measuring risk essentials of financial risk managementChho Phet
 
Interest Rate Risk And Management
Interest Rate Risk And ManagementInterest Rate Risk And Management
Interest Rate Risk And Managementcatelong
 
Financial Risk Management Framwork & Basel Ii Icmap
Financial Risk Management Framwork & Basel Ii IcmapFinancial Risk Management Framwork & Basel Ii Icmap
Financial Risk Management Framwork & Basel Ii Icmapjhsiddiqi2003
 
Risk mangement
Risk mangementRisk mangement
Risk mangementcollege
 
Risk Management Process in OH&S
Risk Management Process in OH&SRisk Management Process in OH&S
Risk Management Process in OH&SAhmed-Refat Refat
 
Financial risk management ppt @ mba finance
Financial risk management ppt @ mba financeFinancial risk management ppt @ mba finance
Financial risk management ppt @ mba financeBabasab Patil
 

Viewers also liked (15)

Session7 Koch5
Session7 Koch5Session7 Koch5
Session7 Koch5
 
Topc8 managingirr 3
Topc8 managingirr 3Topc8 managingirr 3
Topc8 managingirr 3
 
Transfer Pricing & ALM Validations
Transfer Pricing & ALM ValidationsTransfer Pricing & ALM Validations
Transfer Pricing & ALM Validations
 
Session8 Koch6
Session8 Koch6Session8 Koch6
Session8 Koch6
 
8. new advanced_alm_2011.10.8
8. new advanced_alm_2011.10.88. new advanced_alm_2011.10.8
8. new advanced_alm_2011.10.8
 
Measuring risk essentials of financial risk management
Measuring risk essentials of financial risk managementMeasuring risk essentials of financial risk management
Measuring risk essentials of financial risk management
 
Measuring of risk
Measuring of riskMeasuring of risk
Measuring of risk
 
Measuring risk
Measuring riskMeasuring risk
Measuring risk
 
Interest Rate Risk And Management
Interest Rate Risk And ManagementInterest Rate Risk And Management
Interest Rate Risk And Management
 
Financial Risk Management Framwork & Basel Ii Icmap
Financial Risk Management Framwork & Basel Ii IcmapFinancial Risk Management Framwork & Basel Ii Icmap
Financial Risk Management Framwork & Basel Ii Icmap
 
Types of-risk
Types of-riskTypes of-risk
Types of-risk
 
Risk mangement
Risk mangementRisk mangement
Risk mangement
 
Risk Management Process in OH&S
Risk Management Process in OH&SRisk Management Process in OH&S
Risk Management Process in OH&S
 
Financial risk management ppt @ mba finance
Financial risk management ppt @ mba financeFinancial risk management ppt @ mba finance
Financial risk management ppt @ mba finance
 
Risk types
Risk typesRisk types
Risk types
 

Similar to Mobile and SIM data - quantifying the risk - 2011

271 Information Governance for Mobile Devices .docx
271 Information Governance for Mobile Devices .docx271 Information Governance for Mobile Devices .docx
271 Information Governance for Mobile Devices .docxlorainedeserre
 
Smartphone Security
Smartphone SecuritySmartphone Security
Smartphone SecurityMalasta Hill
 
Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx1SI19IS064TEJASS
 
Mobile SecurityKalyan BereKodapeComputer Security .docx
Mobile SecurityKalyan BereKodapeComputer Security .docxMobile SecurityKalyan BereKodapeComputer Security .docx
Mobile SecurityKalyan BereKodapeComputer Security .docxroushhsiu
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveIcomm Technologies
 
Blackberry playbook – new challenges
Blackberry playbook – new challengesBlackberry playbook – new challenges
Blackberry playbook – new challengesSTO STRATEGY
 
Mobile security summit - 10 mobile risks
Mobile security summit - 10 mobile risksMobile security summit - 10 mobile risks
Mobile security summit - 10 mobile risksVladimir Jirasek
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate ITPeter Wood
 
Mobile security trends
Mobile security trendsMobile security trends
Mobile security trendsKen Huang
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
Securing mobile devices in the business environment
Securing mobile devices in the business environmentSecuring mobile devices in the business environment
Securing mobile devices in the business environmentIBM Software India
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentHamilton Turner
 
ISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and PrivacyISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and PrivacyMichael Davis
 
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative CompaniesAll the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative CompaniesMEDICI admin
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device securityCAS
 
Resources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client InformationResources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client InformationOregon Law Practice Management
 

Similar to Mobile and SIM data - quantifying the risk - 2011 (20)

880 st011
880 st011880 st011
880 st011
 
271 Information Governance for Mobile Devices .docx
271 Information Governance for Mobile Devices .docx271 Information Governance for Mobile Devices .docx
271 Information Governance for Mobile Devices .docx
 
Smartphone Security
Smartphone SecuritySmartphone Security
Smartphone Security
 
Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx
 
Mobile SecurityKalyan BereKodapeComputer Security .docx
Mobile SecurityKalyan BereKodapeComputer Security .docxMobile SecurityKalyan BereKodapeComputer Security .docx
Mobile SecurityKalyan BereKodapeComputer Security .docx
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
 
Blackberry playbook – new challenges
Blackberry playbook – new challengesBlackberry playbook – new challenges
Blackberry playbook – new challenges
 
Mobile security summit - 10 mobile risks
Mobile security summit - 10 mobile risksMobile security summit - 10 mobile risks
Mobile security summit - 10 mobile risks
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate IT
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
 
Mobile security trends
Mobile security trendsMobile security trends
Mobile security trends
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile security
 
CS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptxCS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptx
 
Securing mobile devices in the business environment
Securing mobile devices in the business environmentSecuring mobile devices in the business environment
Securing mobile devices in the business environment
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile Environment
 
Securing mobile devices 1
Securing mobile devices 1Securing mobile devices 1
Securing mobile devices 1
 
ISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and PrivacyISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and Privacy
 
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative CompaniesAll the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device security
 
Resources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client InformationResources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client Information
 

More from CPPGroup Plc

Facebook white paper2011
Facebook white paper2011Facebook white paper2011
Facebook white paper2011CPPGroup Plc
 
Anti social neighbours survey
Anti social neighbours surveyAnti social neighbours survey
Anti social neighbours surveyCPPGroup Plc
 
CPP contactless and mobile payments white paper 2011
CPP contactless and mobile payments white paper 2011CPP contactless and mobile payments white paper 2011
CPP contactless and mobile payments white paper 2011CPPGroup Plc
 
Uk wireless network hijacking 2010
Uk wireless network hijacking 2010Uk wireless network hijacking 2010
Uk wireless network hijacking 2010CPPGroup Plc
 
Uk lost and stolen cards 2010
Uk lost and stolen cards 2010Uk lost and stolen cards 2010
Uk lost and stolen cards 2010CPPGroup Plc
 
UK online fraud 2010
UK online fraud 2010UK online fraud 2010
UK online fraud 2010CPPGroup Plc
 
Corporate id fraud 2010
Corporate id fraud 2010Corporate id fraud 2010
Corporate id fraud 2010CPPGroup Plc
 
Uk regional card fraud 2010
Uk regional card fraud 2010Uk regional card fraud 2010
Uk regional card fraud 2010CPPGroup Plc
 
Lost stolen cards 2009
Lost stolen cards 2009Lost stolen cards 2009
Lost stolen cards 2009CPPGroup Plc
 
Uk regional card fraud 2009
Uk regional card fraud 2009Uk regional card fraud 2009
Uk regional card fraud 2009CPPGroup Plc
 

More from CPPGroup Plc (10)

Facebook white paper2011
Facebook white paper2011Facebook white paper2011
Facebook white paper2011
 
Anti social neighbours survey
Anti social neighbours surveyAnti social neighbours survey
Anti social neighbours survey
 
CPP contactless and mobile payments white paper 2011
CPP contactless and mobile payments white paper 2011CPP contactless and mobile payments white paper 2011
CPP contactless and mobile payments white paper 2011
 
Uk wireless network hijacking 2010
Uk wireless network hijacking 2010Uk wireless network hijacking 2010
Uk wireless network hijacking 2010
 
Uk lost and stolen cards 2010
Uk lost and stolen cards 2010Uk lost and stolen cards 2010
Uk lost and stolen cards 2010
 
UK online fraud 2010
UK online fraud 2010UK online fraud 2010
UK online fraud 2010
 
Corporate id fraud 2010
Corporate id fraud 2010Corporate id fraud 2010
Corporate id fraud 2010
 
Uk regional card fraud 2010
Uk regional card fraud 2010Uk regional card fraud 2010
Uk regional card fraud 2010
 
Lost stolen cards 2009
Lost stolen cards 2009Lost stolen cards 2009
Lost stolen cards 2009
 
Uk regional card fraud 2009
Uk regional card fraud 2009Uk regional card fraud 2009
Uk regional card fraud 2009
 

Recently uploaded

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 

Recently uploaded (20)

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 

Mobile and SIM data - quantifying the risk - 2011

  • 1. Mobile and SIM data – quantifying the risk A CPP white paper March 2011
  • 2. Contents 1.1 Foreword 1.2 Background News 1.3 Research methodology 1.4 Key Findings - Over half of used mobile phones and SIM cards contained personal information - Half of second hand mobile phone owners admitted they have found personal information from a previous owner - The vast majority of people (81%) claim to have wiped their mobile or SIM card before selling them - 58 per cent have sold or given away an old mobile phone or SIM card with the average resale price of £47 - Manually wiping the data was the most common method to delete information 1.5 Conclusion 1.6 Safeguarding your mobile data 1.7 Further Information 1.8 About CPP Mobile and SIM data - quantifying the risk March 2011
  • 3. Introduction 2 1.1 Foreword This report is intended as a reference document to highlight the potential threat of storing sensitive information on mobile handsets and the dangers of uncontrolled disposal of unwanted or used SIM cards and mobile phones. The review is also intended to generate public awareness of the increased risk of using a mobile device as a storage medium and to encourage people to think long and hard about what they as individuals or business employees may be forfeiting in the name of security. The report also highlights a number of potential security vulnerabilities associated with storing sensitive information on a mobile device and recommends ways to avoid being a victim of data loss. The mobile phone has become a technologically advanced device that offers a large host of features above and beyond its traditional use as a communications device. Almost every mobile phone now features some sort of ability to store and record information, or the ability to take either still photographs or capture video. Additionally, the mobile phone may also be equipped with a voice recorder, allowing the user to record sounds and voices. In some cases these features will be used to store sensitive information such as passwords, bank account information and other personal data. With the continued increase of data storage capacity on mobile handsets, there is a reciprocal increase in the threat these devices pose to our identities via the loss of sensitive information through malware or even loss and theft. This situation raised concerns with CPP, who were worried that such information may not be completely or securely removed prior to disposal and therefore present a real and present danger to people’s identities and companies confidential information. Mobile and SIM data - quantifying the risk March 2011
  • 4. 3 1.2 Background News - “In another sign that attackers continue to target the mobile sector, it has been revealed that more than 50 apps on Google’s Android market were infected with malware. The apps, which had been available on Google’s Android Market, were said to contain rootkit malware ‘DroidDream’, which can take command of a mobile handset and send personal details to the remote server.” (source: eWeek Europe, March 2011) DroidDream - “The Zeus malware specifically targeting the Blackberry OS is currently detected by Trend Micro BBOS_ZITMO.B. Once installed, the Trojan removes can take itself from the list of applications, in order to effectively stay under the radar.” (source: Finextra.com, March 2011) command of - “As many as 8 in 10 web browsers are vulnerable to hackers and criminals because they are not kept up-to-date, researchers have found. The vast a mobile majority of users are not following the basic precaution of installing patches for known security holes, making them a relatively easy prey for identity thieves handset and and other attackers.” (source: Daily Telegraph, February 2011) - Whether you’re travelling with a laptop, netbook, smartphone, iPad or all of the send personal above, the risks and defences against them are basically the same, according to Joe Nocera, an information security expert and a principle with details to the PricewaterhouseCoopers. “Many of the security concerns that people think about when they think about their personal computers are applicable in the remote server mobile world. As mobile devices become more sophisticated, they lend themselves to the same types of access to e-mail, passwords, and other secure information that PCs have done in the past”. As specific mobile devices become more popular, they become more of a target for hackers. “Five years ago, the vulnerabilities were Microsoft-based and targeting PCs. Apple tended not to be targeted so often”, say Nocera. “But, in the last year and a half or so, we’re seeing a shift. More and more often we’re seeing either Android or iPhone-based vulnerabilities being targeted. We predict that by 2014 you’ll see those types of vulnerabilities being the most targeted as more and more users go to those mobile devices.” (source: ComputerworldUK, March 2011) - Recent research has revealed the global market for mobile internet will continue to grow rapidly, and reach one billion users by 2015 according to the independent analyst house Ovum (source: Visualsoft, February 2011) Mobile and SIM data - quantifying the risk March 2011
  • 5. 4 1.3 Research Methoodology CPP commissioned research in 2011 to establish how much personal data was accessible on used mobile handsets and SIM cards. The research took two forms: 1. ICM interviewed a random sample of 2,011 adults aged 18+ online between 16 – 18 February 2011. Surveys were conducted across the country and the results were weighted to the profile of all adults. ICM is a member of the British Polling Council and abides by its rules. Further information at www.icmresearch.co.uk 2. A live experiment was also carried out in February 2011. Commissioned by CPP, ethical hacker, Jason Hart, conducted a number of reviews relating to the data contents of re-sold used mobile devices and SIM cards within the United Kingdom with the objective of the review being: - Understand if sensitive information has been left on resold mobile devices - Understand what type of information is stored - To see if information can be recovered from resold mobile device even if the mobile device has been deleted by using software freely available on the internet - Understand what information can be found on used SIM cards - To evaluate whether any information found on a mobile device and or SIM could be used to conduct any form of identity theft against the original owner of the device and or SIM It is important to note that at no point during this experiment was any unauthorised access or sensitive information used against the original owners of the devices or SIM cards. All data found on the mobile phones was deleted – either manually or by using the forensic software to remove and destroy the information. The SIM cards were destroyed. 35 used mobile phones and 50 SIM cards were analysed using the following techniques: - A mobile phone SIM reader (a standard SIM reader that can be purchased from most electric stores) - SIM recovery software - Forensic examination software - mobile forensic software that analysis mobile phones, smartphones and PDAs for data. A total of 35 phones were acquired for the investigation based on the following methods: Method Total Purchased via private seller on ebay 5 Purchased from a number of used mobile business 20 Acquired from people giving away their mobile phones for free 10 Mobile and SIM data - quantifying the risk March 2011
  • 6. 5 In addition to acquiring mobile phones we wanted to understand the level of potential threat of used SIM cards during the investigation. We therefore acquired 50 SIM cards by the following methods: Method Total High street mobile phone stores 30 Aquired from purchase of used mobile phones 10 Requests to general public 10 The following process was used in the conducting of the investigation: - Removal of the SIM (if present) and any media cards - Inserting SIM cards into the SIM reader and extracting any contacts and SMS messages - Inserting media cards into a card reader to extract any information - A manual inspection of the device contents via the user interface - Confirmation if data had been deleted prior to purchase - A logical acquisition of data stored on the handset using forensic examination software In using the above software and hardware we focused the investigation on analysing the data recovered, recording the number of information items and classifying them as personal or business and indicating whether the information could be regarded as sensitive. Each phone and SIM card was examined. In addition, the investigation was primarily focused on the following data categories: - Passwords - Usernames - Bank details - Photos - Notes - Contacts - Credit cards numbers - Video - E-mail addresses - Company information - SMS - E-mails Mobile and SIM data - quantifying the risk March 2011
  • 7. 6 1.4 Key Findings Over half of used mobile phones and SIM cards contained personal information The investigation revealed a worryingly high number of used mobile phones and SIM cards contain some element of personal information left by previous owners. In a number of cases the data left on the mobile or SIM card was highly sensitive. More worryingly, in some cases, the previous owners had believed that they had deleted the content - but it was still easily and quickly recoverable. In relation to the review of mobile phones and SIM cards, below is a summary of the findings. Data Content Total Findings Passwords 3 Usernames 6 Bank details 2 Photos 14 Notes 7 Contacts 35 Credit card numbers 1 Video 19 Email address 17 Company information 4 SMS 139 From just 35 phones and 50 SIM cards a total of 247 pieces of data personal data was easily recovered, including password and bank details. Of the data recovered, over 75 pieces of information were personal in nature and over 13 were highly sensitive including nudity, pornography, bank account details, passwords and sensitive company information. This latter information was enough to commit both personal and company identity fraud. Data was left on 19 of the 35 mobile phones and 27 of the 50 SIM cards. Separately in supporting consumer research via a random sample of over 2,000 UK adults, when we asked people what information they currently have on their mobile phones, the range of personal information was widespread. Whilst we would expect people to carry names (66%), photos (57%), diary dates (36%) and music (36%), some respondents admitted to carrying social networking log in details (14%), work e-mails (6%), PIN numbers (4%), online banking details (2%) and bank account information (2%). Mobile and SIM data - quantifying the risk March 2011
  • 8. 7 34% of 18-24 year olds claim to store social networking log in details on their mobile handsets and six per cent of 25-34 year olds PIN numbers. With mobile data usage increasing all the time, the value of products that provide a complete data back up and remote lock and wipe of all data is clear and would address a very real consumer requirement. Half of second hand mobile phone owners have admitted that they have found personal information from a previous owner In the supporting consumer research, half of second hand mobile owners have admitted they found personal information from a previous owner on the mobile and SIM cards that they have purchased second hand. This is consistent with the results of the live experiment where 54% of mobile phones and SIM cards contained personal information. Phone numbers were the most common form of data left on the handset, but text messages (26%), names (24%) and multi-media (music, videos and photographs) were also prominent. Seven per cent of people claimed to have accessed e-mails, three per cent social media log in details and two per cent bank information. 49 per cent of people who had bought a second hand mobile said they did not find any personal information. Again, this claimed behaviour is broadly consistent with our analysis of the used mobile phones and SIM cards whereby 46% of the handsets did not contain sensitive personal information. Q: Have you ever found any of the following information from a previous owner on a second hand mobile phone you bought? 50% 49% 40% 31% 30% 26% 24% 21% 20% 10% 7% 2% 3% 1% 1% 1% 0% All who have bought a second hand mobile phone or SIM Phone numbers Security information e.e. passwords, pin numbers etc Names Multimedia - music, videos, photographs Bank details Other types of information Social networking log in details No E-mails Don’t know Text messages Mobile and SIM data - quantifying the risk March 2011
  • 9. 8 The vast majority of people (81%) claim to have wiped their mobile or SIM card before selling them Most worryingly 81 per cent of people claim to have wiped their mobiles before selling them, with 60 per cent confident they wiped everything from their mobile handset or SIM card. This conflicts with the experiment that showed over half of mobile handsets and SIM card had retrievable personal data. Men (61%) were marginally more confident than women (58%) that they had deleted all their personal information. Those aged 35-44 (66%) were more confident than those aged 65+ (48%). Nine per cent of people who have sold their mobile or SIM cards were not confident they had wiped their phone or SIM fully. Q: Thinking about when you sold your SIM or mobile phone, which of the following describes what you did about wiping (removing all personal information, media files etc) 81 per cent your SIM or phone? of people 80% claim to have 70% wiped their 60% 61% 58% mobiles 50% before selling 40% them 30% 20% 17% 13% 11% 9% 9% 8% 9% 8% 7% 6% 10% 5% 3% 0% Male Female All who have sold a second hand mobile or SIM card I was advised by the company I sold it to to wipe my phone or SIM I was advised by friends or family to wipe my phone or SIM I am confident I wiped my phone or SIM fully I am not confident I wiped my phone or SIM fully I did not wipe my phone or SIM Not applicable Don’t know Mobile and SIM data - quantifying the risk March 2011
  • 10. 9 58 per cent have sold or given away a used mobile phone or SIM card with the average resale price of £47 When upgrading and disposing of redundant mobile phones and SIM cards, the most popular method of disposal is to give the phone or SIM to a friend or family member (30%). 19 per cent claimed to have donated it to a recycling company and nine per cent sold it to an online shop or via an online audition site like eBay. Seven per cent said they threw it in the bin and five per cent sold it to a friend or family member. Three per cent said they had sold it to a second hand shop. Women were more likely to have given it to a friend or family member or to have donated it to a recycling company. Men on the other hand, were more likely to dispose of their mobile phone or SIM card by selling it online or to a friend and family member or disposing of it in the bin. Those aged 25-44 were the most likely to sell a mobile handset or SIM card via an online shop or through an online auction site like eBay. When we asked people how much they had sold a mobile phone or SIM card, the mean price was £46.60. When you consider that over half the mobile phones and SIM cards in our experiment contained personal information, it would seem that people are inadvertently selling their personal information for a very low price. Those aged 25-34 sold their devices for a mean price of £57.26 verses £31.48 for people aged 65+. The sophistication of handset will have influenced this higher used retail price. Q: Have you ever sold or given away an old mobile phone or SIM card in the following ways? 40% 37% 35% 35% 32% 30% 28% 25% 21% 20% 17% 15% 10% 9% 9% 10% 8% 8% 7% 6% 4% 4% 5% 3% 3% 3% 3% 1% 0 Male Female All Respondents Gave it to a friend or family member Sold it to a friend or family member Donated it to a recycling company Sold it to a second hand shop Sold it to an online shop I have never given away or sold an old mobile phone Sold it on an online auction website e.g. eBay I have never owned a mobile phone Thrown it in the bin Other Mobile and SIM data - quantifying the risk March 2011
  • 11. 10 Manually wiping the data was the most common method to delete information Three quarters (78%) who have wiped their mobile phone or SIM card before selling it on have relied on manually completing this – a process that security experts acknowledge leaves the data intact and retrievable. Using a factory reset on a mobile phone may seem to be the easiest precaution before disposing of the device, but factory resets are far from permanent, since they only delete the header information to your data and allow software to recover the original data. 38% claimed to have performed a hard reset of the device and 4% used a third party software application. Women (82%) were more likely to manually delete information than men (78%), whereas Factory more men are more likely to use third party software or perform a hard reset of the device – all of which are not absolutely secure methods. resets are 18-24 year olds were the most likely (56%) to perform a hard reset of the mobile phone. far from Q: Which ‘wiping’ method have you used? permanent, since they 100% only delete 80% 82% the header 74% information 60% to your data 42% 40% 34% 20% 7% 3% 1% 1% 1% 1% 3% 0% 0% Male Female Wiping Method Erased all data yourself from the handset manually Performed a hard reset of the device Used a third party software application Other type of wiping method Not applicable - didn’t wipe my phone or sim Don’t know Mobile and SIM data - quantifying the risk March 2011
  • 12. 11 1.5 Conclusion This investigation shows that that most people are totally unaware of the issues of storing information on mobile devices. The core issues are as follows: - The report has confirmed users are unaware that in some cases personal data is still obtainable from a devices after the user has deleted content from the mobile device - Most mobile phones do not allow the user to totally delete all personal content or user data - The ability to recover deleted data from a mobile is a very simple process using the correct tools and with limited technical knowledge The surge in - It was very clear from the investigation that smartphones hold far greater information about the user and leave a much larger footprint compared to older mobile phones smart - The investigation showed getting SIM cards can be a very simple process and phones will some mobile phone stores were happy to give away used SIM cards with no concern for the potential breach of privacy provide - The surge in smartphones will provide fraudsters with increased opportunities to defraud the handset owner and organisations that have sensitive information fraudsters stored on the handset. With the increasing penetration and use of smartphones for daily communication and with m-commerce with the evolution of near-field-communications, there is clearly a requirement for heightened awareness amongst consumers about the need for digital increased security beyond laptops and PCs. “Because today’s devices are so much more powerful and can hold so much more opportunities information than ever before, the risks are increasing”, says Martin Hack, information security expert and executive vice president of NCP engineering. “Add to that our to defraud tendency to carry both personal and business information around with us on the same device, and our mobile devices have never looked so appealing to hackers.” (source: the handset ComputerworldUK, March 2011). Whilst there has been no major detrimental impact on consumers to date, we could, one owner day, face a major security lapse as criminals increasingly target mobile applications for data. The Zeus virus that directed victims to a fake website where they were invited to download an application that then steals their banking details could be a sign of phishing attacks becoming a huge problem for smartphone users especially when mobile banking reaches a critical mass. The proliferation of applications for mobile devices makes their pre-screening increasingly difficult as they are becoming the primary way people access internet-based services. Recent research from Ovum predicts the global market for mobile internet will continue to grow rapidly and reach one billion users by 2015 and just fewer than 17% of this global population will access the internet exclusively via their mobile handsets. The provision of products that address the security implications of this transfer of personal data onto the mobile handset will meet a real consumer need and are more relevant than ever. Mobile and SIM data - quantifying the risk March 2011
  • 13. 12 1.6 Safeguarding your mobile data Danny Harrison is Head of Mobile Data Security at CPP and offers the following advice to consumers to help protect them from data loss. Danny has over ten years’ experience and is responsible for CPP’s mobile phone assistance and insurance products that insure against lost, stolen and damaged handsets, and also assists people in the event of lost data. Danny is media trained across print and broadcast and is available for media interviews on the issue of data security. If you are selling your mobile follow the below steps to reduce the risk of data transfer: - Restore all factory settings - this is the first step that you should take as it is the easiest precaution before disposing of the unit, but factory resets are far from permanent so follow the steps below to protect your data - Remove your SIM card and destroy it - Delete back-ups - even if your smartphone, PDA or laptop data is securely removed from the mobile device, it can continue to exist on a back up somewhere else - Log out and delete - make sure you have logged out of all social networking sites, emails, wireless connections, company networks and applications. Once you are logged out make sure you delete the password and connection - Various passwords - avoid using the same ID/password on multiple systems and storing them on your mobile phone, if you are going to store them on your phone use a picture that reminds you of the password - If you are selling your mobile phone ask for it to be wiped if you don’t know how to do it yourself - Don’t store vast amounts of personal information on your mobile phone/SIM if possible If you are keeping your mobile, the following tips should help keep your mobile secure: - Make sure your software is up-to-date – regularly check the manufacturer’s website for updated software patches or firewall updates - Leave the phones security setting as they are – most of the default browser settings are secure, so leave them as they are - Avoid unencrypted public wireless networks – only use encrypted networks which require an ID or password for access. WPA (Wi-Fi protected access) is the most secure. Paying to access a Wi-Fi network does not necessarily mean it is secure - Use websites beginning with ‘https’ not just ‘http’- it means any information you enter is encrypted - Turn off cookies and autofill – if your mobile device automatically enters passwords and login information into websites that you visit, turn that feature off. It is convenient, but it is a security threat - Be careful about what applications you download – be selective which ones you download. Take time to review some of the comments. Mobile and SIM data - quantifying the risk March 2011
  • 14. 13 1.7 Further Information For further information please contact: Nick Jones Head of Public Relations CPPGroup Plc Holgate Park York YO26 4GA www.cppgroup.plc Tel: 01904 544 387 E-Mail: nick.jones@cpp.co.uk Mobile and SIM data - quantifying the risk March 2011
  • 15. 14 CPP is an award- winning organisation: - Winner in the European Contact Centre Awards, Large Team of the Year category, 2010 - Finalist in the European Contact Centre Awards, Best Centre for Customer Service, Large Contact Centre of the Year categories, 2010 - Finalist in the National Sales Awards, Contact Centre Sales Team of the Year category, 2010 - Finalist in the National Insurance Fraud Awards, Counter Fraud Initiative of the Year category, 1.8 About CPP 2009 Corporate Background Information - Finalist in the European Contact Centre Awards, The CPPGroup Plc (CPP) is an international marketing services business offering bespoke Large Team and Advisor customer management solutions to multi-sector business partners designed to enhance of the Year categories, their customer revenue, engagement and loyalty, whilst at the same time reducing cost to 2009 deliver improved profitability. - Named in the Sunday This is underpinned by the delivery of a portfolio of complementary Life Assistance Times 2008 PricewaterhouseCoopers products, designed to help our mutual customers cope with the anxieties associated with Profit Track 100 the challenges and opportunities of everyday life. - Finalists in the National Whether our customers have lost their wallets, been a victim of identity fraud or looking Business Awards, 3i for lifestyle perks, CPP can help remove the hassle from their lives leaving them free to Growth Strategy enjoy life. Globally, our Life Assistance products and services are designed to simplify the category, 2008 complexities of everyday living whether these affect personal finances, home, travel, - Finalist in the National personal data or future plans. When it really matters, Life Assistance enables people to live Business Awards, life and worry less. Business of the Year category, 2007, 2009 Established in 1980, CPP has 11 million customers and more than 200 business partners and Highly Commended across Europe, North America and Asia and employs 2,300 employees who handle in 2008 millions of sales and service conversations each year. - Named in the Sunday In 2010, Group revenue was £325.8 million, an increase of more than 12 per cent over the Times 2006, 2007, 2008 previous year. and 2009 HSBC Top Track 250 companies In March 2010, CPP debuted on the London Stock Exchange (LSE). - Regional winner of the National Training What We Do: Awards, 2007 CPP provides a range of assistance products and services that allow our business partners - Winner of the BITC to forge closer relationships with their customers. Health, Work and Well-Being Award, 2007 We have a solution for many eventualities, including: - Highly Commended in - Insuring our customers’ mobile phones against loss, theft and damage the UK National Customer Service - Protecting the payment cards in our customers’ wallets and purses, should Awards, 2006 these be lost or stolen - Winner of the Tamworth - Providing assistance and protection if a customer’s keys are lost or stolen Community Involvement Award, 2006. Finalist in - Providing advice, insurance and assistance to protect customers against the 2008 insidious crime of identity fraud - Highly Commended in - Assisting customers with their travel needs be it an emergency (for example The Press Best Link lost passport), or basic translation service Between Business and Education, 2005 and - Monitoring the credit status of our customers 2006. Winner in 2007 - Provision of packaged services to business partners’ customers - Finalist in the National Business Awards, Innovation category, For more information on CPP click on www.cppgroupplc.com 2005 Mobile and SIM data - quantifying the risk March 2011