Securing smartphones data

Recent sales figures indicating that worldwide sales for smartphones will increase by 60% and top half a billion units in 2011 confirms what most people already knew; smartphones are no longer just for top executives or city hopping businesspeople.

Smartphones – notably the iPhone and those running the Android OS – allow a user to check multiple email accounts, browse the web, track appointments, record video and voice, use the GPS function, online banking, tinker with a host of free Aps and, oh, make phone calls.

This means that smartphones now hold intricate data about the user of the phone; details of their emails, web surfing history, calls made to and from the phone, SMS messages sent and received, where the phone may have travelled just for starters. Most of this information may be unique to the user but much of it belongs to the company or organisation that the phone belongs to. In the event that the phone is lost or stolen, this creates a serious security issue should it fall into the wrong hands.

In an effort to reduce the risk to the data of the company organisation, the IT Department issuing the smart phones should co-operate with senior management and the risk / security officer to address the basics of smart phone security:

  • Anti-virus response – This should be the same for as for emails received on a PC – If you don’t recognise the sender, or there is a suspicious attachment, don’t open / download it.
  • Bluetooth – this can be an open door with a welcome mat! Select disable unless highly conversant with password / encryption settings
  • Run frequent asset checks to ensure that all smart phones are being used properly – they haven’t been passed to a spouse / partner for their use to watch movies
  • Solicit information from similar sized companies who have already implemented smartphones for feedback on security issues
  • Look to selecting only a handful of models of smartphones so as to avoid excessive efforts on support and updating for the fleet of phones
  • Prefer to select smart phones which can support key features like encryption, remote wipe, and password locking
  • Develop a written security policy and procedure items for smartphone that governs acceptable use, monitoring, responsibilities of user (e.g. what to do if device is lost or stolen)
  • Actively monitor security vulnerability for the smartphones and any reported new attacks on these types of devices
  • Ensure that the devices in the field can be updated quickly to fix security issues once discovered

Do you need to know more about our services and how Regents can assist you with preventing information loss? Simply go to our Cyber Threats page for our phone numbers or else send an email to contactus@regentsriskadvisory.com with your contact details and we will respond at once.

New Victorian anti workplace bullying laws

New laws under which workplace bullies will be imprisoned for up to 10 years have been welcomed by the family of a 19-year-old woman who committed suicide after being tormented by workmates.

The shocking suicide of Brodie Panlock, a 19 year old woman, in 2006 after suffering prolonged workplace bullying has been the catalyst to pass new workplace bullying laws in the state of Victoria. Brodie jumped to her death after she was victimised by colleagues at Cafe Vamp in Hawthorn over a long period.

Under proposed new laws, workplace bullies could be imprisoned for up to ten years. A Victorian government spokesperson said the Government’s amendments will add workplace and cyber bullying to Victoria’s Crimes Act.

The family of Brodie has lobbied government to seek to make workplace bullying the subject of criminal charges ion the future.  The Victorian Attorney-General agreed and said that “serious bullying was a serious crime” and should carry a significant jail term.

The ACTU [Australian Council of Trade Unions] President, Ged Kearney, said employers, governments and workers all shared a responsibility to make workplaces safe, secure and free of harassment.

“These laws will hopefully help deter people from undesired behavior but it shouldn’t suggest to employers that it’s no longer their job to provide a safe workplace for all employees,” Ms Kearney said.

Ms Kearney said she hoped that the increased penalties would deter all people from workplace bullying, but she wanted the Government to also send a strong message to employers that holding individual bullies to account would not absolve workplaces of their obligations.

It is anticipated that other states and territories governments across Australia will review their own work place bullying acts. This is likely to provoke companies and organizations to enhance their own anti bullying procedures to avoid the adverse publicity plus the likelihood that they took make be liable for increased fines or other regulatory punishments.

Therefore, it is recommended that all executive and management teams review their own anti bullying procedures [or check that they even have one] as soon as possible. These procedures should at least include the following:

  • Make sure that they have clear written rules and regulations indicating that workplace bullying or harassment is contravention of company policy and may lead to the suspension or expulsion of those found to have engaged in bullying
  • Ensure that all personnel undergo training and provided with an information package to inform all employees, contractors, managers and executives  to prevent, detect and report on any bullying activity
  • Arrange for follow up reminders on work place bullying at regular intervals, usually combined with other personal training
  • Appoint a responsible officer to administer and review the training and reporting of bullying – recording progress and making these figures available to senior management
  • Senior management should review all anti bullying programs annually for improvements and in response to any reported cases
  • The responsible officer should also focus special attention on those that may be more vulnerable to bullying activities such as new younger employees or new recruits
  • The anti workplace bullying stance should be connected to an effective whistleblower program so that any victims or witnesses can report their concerns anonymously if necessary
  • A qualified and experienced investigation team should be available to make rapid inquiries into the allegations should an offence take place or be reported
  • A suitable executive should be on hand to make a rapid decision such as suspension of alleged perpetrators to prevent the bullying continuing and the contamination of any witnesses or  evidence
  • Have legal counsel review the legal environment to ensure the program is complaint across all states and territories

Do you need to know more about our services and how Regents can assist you with anti bullying issues and whistleblower programs? Simply go to our Whistleblower Page for our phone numbers or else send an email to contactus@regentsriskadvisory.com with your contact details and we will respond at once.