Mobile forensics af...
 
Notifications
Clear all

Mobile forensics after factory reset  

Page 2 / 2
  RSS
jaclaz
(@jaclaz)
Community Legend

A better solution, in my opinion, would be for the device itself to 'phone home' at fixed time intervals, and after a certain amount of failures, it would initiate a 'local' wipe. A bit drastic as a solution, but still better than getting your sensitive assets into the hands of a thief.

Interesting, but IMHO with a few practical issues.
How long would be the interval between two successive "calls home"?
(minutes, hours, days)?
How many failures before trigging the self-wipe?

The interval should be less than the time needed for the "corporate spy" to get access to the device and perform data extraction (with whatever means).

Possible accidents (first three that I can imagine)

  • an employee goes (with the device) to a place when there is no coverage and stays there long enough to initiate the self wiping (let's say weekend on the Rocky Mountains or a few hours searching for an archived file in a remote warehouse)
  • the cellular network has a failure
  • the "corporate spy" places here and there (let's say at night at a few employees' homes) a form of signal suppressor/cellphone jammer (after three, four or a few more such devices self-wiping the software is removed from all devices)

jaclaz

ReplyQuote
Posted : 13/05/2013 2:50 pm
Alistair
(@alistair)
New Member

jaclaz, I agree, that is why I said it is kind of a drastic measure. I firmly believe that if an attacker has physical access to your device, you can pretty much assume that your data will be compromised one way or the other.

For a device being used in a corporate environment, this could have dire consequences. That's why it would be a good area to research some more effective security measures if a device is compromised.

ReplyQuote
Posted : 14/05/2013 2:04 am
trewmte
(@trewmte)
Community Legend

I firmly believe that if an attacker has physical access to your device, you can pretty much assume that your data will be compromised one way or the other.

Then an answer might be to have an internal clock that all business data which is limited to and graded to one single day of business information is deleted and overwritten at the end of each day. The business data containing no more than a few peices of a jigsaw. Also consider weighing up passwords vis-a-vis passphrases.

Generally speaking so this is not directed at your aims and objectives to find a security solution Alistair.

Is there really any need for the body corporate to be using Employee devices?

1) based upon the combination of sensitive data vis-a-vis determined thief; BYOD potentially increases the risk (caused specifically by company policy of the body corporate) on an employee being targetted?

2) BYOD containing work and personal data increases risk of profiling of an individual and potential of impersonation (relevant to the scale of the sensitivity of the data)?

3) who is actually paying for the running of the device, the employee or employer? Doesn't this increase the risk of libility placed on the employee?

In the above scenarios I haven't mentioned about

a) the risk where the thief requires physically attacking an employee for the device
b) nor have I mentioned the current stats where countries are now seeing an increase in mobile device theft.
c) insurance costs increasing.
d) post attack personal injury claims for compensation

ReplyQuote
Posted : 14/05/2013 11:38 am
Page 2 / 2
Share: