Working From Your Own Mobile – Safe or Not?

Is your company debating whether to allow employees to use their private mobile phones for work?  Thousands of companies, large and small, are holding discussions on the pros and cons of permitting personal mobile devices to be used for work-related functions.  Why wouldn’t a company welcome the opportunity to save money on purchasing, training, implementing and maintaining their own company-owned mobile devices if employees are willing to use their own?  It’s worth looking at both sides of the debate.

An employee’s wish to use a personal mobile phone or pad is most often related to personal preference and convenience.  People typically choose their mobile phones based on their own comfort level and the features they want most. They buy from a carrier they trust, and choose a plan that specifically suits their needs. They personalize their settings, download the apps they want, and the mobile phone becomes part of their everyday set of personal accessories.  Corporate employers tend to make large equipment purchases from one vendor, and the models they choose are not always as feature-luxurious as we might like.  Corporate owned phones are often issued with restrictions, including what kinds of apps the user is allowed to download.  That kind of control can hardly be extended to a privately-owned phone.

As we become a more mobile-dependent society, it seems logical to have our mobile lives all in one place, on one device.  It doesn’t make much sense to have to have to use two separate phones, especially when many of us work odd hours, and our work is part of daily life.

However, from an employers’ perspective, hundreds of different mobile phone models simultaneously accessing company data as well as personal data could prove to be a corporate nightmare.  How does an IT department monitor a user’s personal maintenance of the device, much less control the required update downloads, and enforce security parameters they would normally impose on a company-issued mobile phone?  It could be a real challenge to ensure that each personal phone is in compliance with company standards, and if a phone is used for business, there is some question about whether a company should be responsible for its repairs and upkeep.

If the company IT department is diligent about security issues, employees with personal phones will have to comply with some uniform safety measures.  But, what risks might arise when an employee leaves the company?  An employer may have to include a “wipe” requirement in the BYOD policy, to protect company data, and that, too, could be difficult to enforce.

Hundreds of such issues are bubbling up that demand amicable solutions.  When a respected corporation finally pounds out a sound policy that works well for both employer and employee, others will follow suit.  In the meantime, the BYOD question requires a great degree of thought and compromise.

Part 3: NQ Mobile & NCSA Consumer Survey

Download the full 2012 Consumer Survey 

Tomorrow, January 28, 2012, has been declared Data Privacy Day by the  National Cyber Security Alliance (NCSA).  Events are planned worldwide to recognize and honor a day devoted to learning, understanding and teaching online safety. This is our third blog this week discussing the results of the Consumer Survey we conducted in collaboration with NCSA. If you missed the first two, be sure to check them out.

The 2012 Consumer Survey we did with NCSA has opened the eyes of many of us in the security industry about the vague level of knowledge that exists in our population about smartphone safety. It’s not that people really don’t give a hoot about having their personal data stolen – not at all.  For some, malware may not have yet touched their lives in any significant way. Mobile malware has reached almost epidemic proportions in countries like Russia and  China, but the problem is now growing quickly in our country. For some, there exists only a hazy awareness of the risks, and some folks think they’re already somehow protected from malware.  While there’s a significant level of concern about security among smartphone users, there’s  a noticeable gap in our knowledge and education about it.

Let’s look at more of the intriguing findings from our study.

* A strong majority of folks (78%) are concerned about security threats related to smartphones.  But, when we asked our participants about specific security concerns, we found out that women are generally more concerned about every type of threat than are men.  An interesting bubble that surfaced in the “specifics” area is that women seem to be more concerned about privacy than security.  In other words, women dislike, more than men, the idea of their password being revealed or their privacy being invaded, while men’s concerns seem to run more toward security threats, such as data theft and invasions of malicious code.

* Most participants (87%) feel that their smartphone activities can be tracked, either by their carrier or intruders, however only a little over half of our sample reported knowing how to set permissions for location tracking, and only 38 percent know how to turn off the geo-tagging setting on their phone.

* The most persistent concern across our sample was that of loss or theft of the owner’s smartphone, and compromise of the data it contains.

* Nine out of ten of our interviewees have downloaded apps onto their smartphones – of course!  Everyone does that.  But, only 60 percent were aware that when downloading apps could be providing access to private information stored on their phones.

The upshot of our survey?  Education is vital!  Approximately 118 million smartphones were sold during the third quarter of last year alone, and those numbers have increased tremendously since then!  When a wave of this magnitude occurs in our global society, the importance of education becomes a stark reality.

NCSA is making heroic efforts over these next few weeks to offer every opportunity for education about online safety and privacy.  Worldwide Data Privacy Day events are planned for weeks to come.   NCSA has made educational materials, ideas and suggestions available on their website for parents, instructors, students and the general public.  We at NQ Mobile invite everyone to heighten their awareness of mobile security, and to pass your knowledge on to others as a way to make our mobile society a safer one.

(Read our press release on results of our Consumer Survey)

Part 2: NQ Mobile & NCSA Consumer Survey

Download the full 2012 Consumer Survey

As we perused the results of the 2012 Consumer Survey undertaken in collaboration with the National Cyber Security Alliance (NCSA), some very thought-provoking realities emerged about ourselves as a smartphone-owning population. Conducted among 1,158 participants by an outside research firm, the survey gathered significant information about the perspectives and attitudes toward mobile security from an adult sample of various ages, education and income.

We asked people if they’re aware of security protection for their mobile phones and pads, and what we found was more than half of those interviewed  don’t really know enough about mobile security to decide whether they need it or not!  This was an interesting bit of information.  For the hundreds of thousands of smartphones sold in late 2011 and early this year, it’s a little astonishing to find that security information is very seldom made available to new owners. In fact, only 7 percent of our participants said they’d been offered any information at all about security when they purchased their phones. A large percentage of folks admit that they wouldn’t know where to look for a security solution, and would need some help finding it.

It seems that many smartphone owners, although aware they could use some privacy protection, have a somewhat laid-back outlook toward taking precautionary measures.  It appears we’re all at least generally, perhaps vaguely, aware that there is some risk involved, but it appears many people (70%) feel their phones are already protected somehow!  When our interviewers asked what types of protection these participants have on their phones, half of them were unable to specify exactly what security measures had been taken. However, a majority of folks who don’t yet have any kind of security package on their smartphones have just not addressed the issue, aren’t really concerned about it, or don’t know enough about it.

Learning to use a smartphone takes a certain amount of patience and knowledge, and it’s fun.  If consumers were able to learn half as much about mobile security as they do about the wonderful features on their smartphones, we’d have far fewer incidents of mobile-related cyber crime.  We certainly don’t blame the smartphone owning population for this gap in knowledge, but the glaring fact that emerged from our study is that more education about cyber security needs to be circulated freely and abundantly.  The mobile industry, as well as parents, teachers and employers, needs to pick up the pace in educating the public about how to be savvy mobile users, and how to avoid becoming a target for criminals.

We at NQ Mobile are proud to be a sponsor of the National Cyber Security Alliance (NCSA), an organization whose primary purpose is to inform and educate the public about how to stay safe online.  As we approach Data Privacy Day this week (January 28, 2012), let’s take a few moments to think about how we can help raise awareness of mobile security in someone we know.  A good start would be investigating the best mobile protection, and going online at NCSA.  The site offers information, teaching materials and a list of events designed to support teachers, parents and leaders in spreading the word about mobile security mindfulness.

Be sure to read our press release about the NQ Mobile 2012 Consumer Survey.

Part 1: NQ Mobile & NCSA Consumer Survey

Download the full 2012 Consumer Survey

Maybe you haven’t heard yet about NQ Mobile’s 2012 Consumer Survey, which we conducted and released in partnership with The National Cyber Security Alliance (NCSA) in support of Data Privacy Day 2012.   We interviewed 1158 smartphone owners and asked them all kinds of questions about mobile security.  We wanted to get an idea of what people think when it comes to mobile protection, and to find out their concerns and viewpoints.  The survey participants were all adults, and the online interviews were conducted by an outside, professional research firm.  We’re optimistic that the size and quality of the sample that was selected represents our general population in terms of attitudes and knowledge about mobile security.  So, what did they have to say?

More than three-quarters of the people we interviewed are concerned about security risks. But, curiously, these concerns appear to be more prevalent in people who are 55 and older.  Does this simply indicate a fuller awareness of the risks involved in technology, or does it reflect a general discomfort and lack of knowledge about it in people over 55?  Technology has developed at lightning speed in the past decades.  Perhaps baby boomers are still a bit stunned by it all, or maybe they actually know too much.  For those of us who’ve been around a few decades, it’s hard to ignore that fraud and corruption have reached unprecedented levels in our society – the aging generation may be appropriately nervous about smartphone security. Regardless of the reasons, our stats show that the 25-year old couple next door is likely to be less concerned about securing the family smartphones against malware, than the older couple across the street, who can remember dialing a phone with one finger in a small hole. We’ve come a very long way in a very short period of time.

Another interesting bit of information surfaced in our survey when we got around to asking about specific kinds of mobile privacy issues.  We found out that the top, number one concern of most people when it comes to their phone is losing it, or having it stolen, and having their information improperly  used.  So many more people are making financial transactions on their smartphones that this is a logical concern.  But, why is it number one on the list?  Maybe a lot of us have a sense that having the physical phone with us will assure its safety. Perhaps it’s the one thing that most commonly happens to people who own smartphones – it happens a lot!  But, loss and theft landing at the top of the concern list may be telling us something.  Maybe people aren’t as aware as we should be that the private data on our phones can be compromised in ways that don’t involve loss of the phone.  It’s clear that lots of people aren’t yet aware that they can download apps that will infect their phones, and that their phone’s data can be collected remotely.  There also seemed to be a general lack of knowledge about specific malware, such as SMS premium calling scams.  If this survey is telling us anything, it’s that we need to ramp up our efforts to educate the general public on the risks involved with owning a smartphone.

Tune in to all our blogs this week for more discussions on the survey results, and check out today’s press release.

Mobile Trends in 2011– How Will They Impact 2012?

As predicted by mobile research firms in 2010, the year 2011 brought a profound increase in sales of smartphones, tablets and pads, as well as a significantly rising rate of malware incidents.  It’s worth taking a moment to glance at the sales trends, morphing products, and the concurrent fraudulent behaviors that persist in the malware industry.

2011 Products:  While we watched Symbian purchases decline in 2011, sales of Android based phones simply skyrocketed.  The Blackberry took a notable dive in the third quarter, and, on the heels of that, Google reported it was activating 550,000 Android smartphones every single day. By the end of last year, it seemed that mobile pad devices and feature-rich smartphones could have ranked as the number-one holiday gifts of the year, based on the sharp upsurge in December sales.

2011 Malware:  Not surprisingly, the occurrences of mobile malware increased in 2011, and actually doubled between the months of July and December!  Trojans, spyware, brand repackaging, and premium calling scams became more widespread in 2011 as they reached the shores of countries still in their mobile infancy.

By the last quarter of 2011, hackers had figured out how to crack into QR codes, the uniquely designed symbols that let mobile users get a quick peek into a company’s sales or special announcements. Widespread political unrest led to new developments in mobile hacking that came on strong in 2011.  High-level, targeted phishing and hacking into the systems of government agencies and large corporations gave rise to the term “hactivism.”

2012 Products:  Today’s news is that Android activations, now outpacing human births, are currently calculated to be an astonishing 700,000 per day!  It’s hard to imagine, at that rate, how much longer we will need or use telephone landlines.

Wireless tablets and pad sales also continue to grow steadily.  If this year’s CES in Las Vegas this month was any indicator, wireless innovation is going to grow even more dominant as a means of telecommunication. Smartphones are smarter than ever before, and it looks as though LTE 4G will become mainstream.

When it comes to smartphones, a consumer preference for larger screens has emerged, and plain old feature phones are so last year!  We’re seeing improved wireless components and add-ons, such as credit card swipers and readers.  It’s likely that other snap-on, plug-in components will surface before all their features ultimately become incorporated into one device, but even that’s probably just a matter of time.

The wireless pad and face-to-face calling could very well be the way of the future.  In addition, with their convenience, light weight, mobility and power, wireless pad devices may also begin to replace laptop and desktop computers at home and in the workplace.  The year 2012 also inherited the ongoing discussion of whether workers will  bring and use their own mobile devices on the job without compromising company security.  The discussion continues this year, with companies and employees hammering out ways to find middle ground on the issue.

Malware 2012:  So, where do things stand this year with mobile malware?  The hugely popular Android open platform was predicted in 2011 to take first place for malware infections, and, in fact, it’s turning out to be true.

Scareware, a term for fraudulent security products, continues to gain recognition this year. SMS premium call scams are more popular than ever with cybercriminals. The botnet, which has not yet become effective, is expected to emerge in the field this year.  SMS premium message scamming continues to be reported and is unabated by any regulation on the part of carriers.

Government agencies and large corporations can no longer assume they’re invulnerable to attacks. While a refreshed awareness of the possibilities have motivated agencies and corporations to strengthen their security systems, it’s not clear whether they can do enough, fast enough, to prevent the problem in the future.

The year 2012 needs to be the year of education about mobile fraud and how to prevent it.  While mobile security companies are working extra hard to be ready to combat the next wave of malware, the masses of activated smartphones represent a goldmine of opportunities for cybercriminals. Experts don’t feel we’ll see very many new configurations of malware, but they do expect a higher level of sophistication in the scams already in play. It’s more essential than ever that consumers be informed of the risks, and educated about how to protect themselves.

Predictions for malware in 2012 are not promising, but organizations, such as NCSA, supported by leaders in the mobile industry, are making concerted efforts to educate adults, students and businesses about mobile protection and solutions.

Proud Sponsors of Data Privacy Day

Sponsors and partners of the National Cyber Security Alliance (NCSA) want consumers to be safe and smart about protecting their online privacy, and have designated January 28, 2012 as National Data Privacy Day. NQ Mobile is proud to join the high-profile partners of this consumer awareness day, which include Intel, eBay Inc. Microsoft, Intuit and Comcast.

Data Privacy Day is an annual international celebration designed to promote awareness about privacy and education about best privacy practices.   Events are planned around the world for the end of January through the beginning of February.

To help spread awareness of the privacy risks associated with smartphones, NQ Mobile will share important insights on January 25 (check our blog!) about data privacy gained from its recent survey of American consumers and extensive research on mobile threats. “At NQ Mobile, our core mission is to help consumers understand the importance of protecting their private data stored on mobile smartphones,” said Dr. Henry Lin, the company’s founder, co-CEO and chairman. “The products we make play a critical part, but nothing is more vital than what users themselves can do to ensure that their private data remains safe and secure. We look forward to helping educate consumers on how to protect their personal and financial information as part of Data Privacy Day.”

Data Privacy Day began in Europe in 2007 and continues to be celebrated in more than 30 countries as Data Protection Day.  The United States and Canada joined the celebration in 2008. Since 2009, the U.S. Senate has recognized January 28th as National Data Privacy Day in the United States.  In 2009, the National Association of Attorneys General recognized Data Privacy Day, and numerous state governors recognize Data Privacy Day annually.  Over the past four years, Data Privacy Day has grown significantly and has been celebrated by at least one entity in the following areas: India, Turkey, Azerbaijan, Australia, the Philippines, and Hong Kong. For more information about Data Privacy Day 2012, visit: