Picture this: contractors find a bugging device in your office. It may sound far-fetched, but small businesses have lost their livelihood through industrial espionage right here in New Zealand, says security expert Hank Wolfe of the University of Otago.
Did you know that your smartphone can be turned into a bug? A program such as M-Spy costs less than $10. Once loaded, the smartphone can be turned on remotely and conversations recorded.
The chances of this happening, says Telecom's business portfolio manager Matt Hampel, are fairly remote.
Even so, there are a lot of other good reasons for small businesses to ensure that all smartphones and tablets are protected against security risks.
Most small business owners are aware there is a level of security required around PCs and networks, says Hampel.
It's only just dawning on many of those same business owners that they need to secure their smartphones and tablets as well as their PCs. "The processing power in smartphones and tablets is enough to run your computer." As soon as they're connected to the Internet they're at risk.
Unlike the old days where only company owned devices were given access to the business' IT network, it's now the norm for employees' to use personal phones and tablets at work. The trouble is that every device is a security risk.
Employees might, for example, says Hampel, "jailbreak" (unlocking) their phones, or inadvertently download malicious apps that give third parties access to business critical information.
The risks are physical as well as software-based. Smartphones can be lost or stolen. If there are company data such as spreadsheets or Word documents stored on those phones or there is remote access to the server, there is a security risk.
The good news is that there are some simple steps to take to remove the worst of the risks.
One is to create a password, code, or a pattern they draw on the home screen to prevent access. Don't forget to protect the memory cards as well, says Hampel.
Another trick, says Wolfe, is to set up automatic smartphone backup to the cloud to ensure that data stored on it can't be lost if the device goes walkabout.
What's more, most smartphones have Find My Phone or similar software programs on them which enable the owner to lock or erase the phone remotely over the Internet - providing it has its SIM card still loaded - or look the location of the phone up on a map in real time.
Protection Against Malware
Once upon a time only PCs and networks were at risk of "malware" attacks such as viruses, trojans, adware, worms, and phishing programmes. Now these nasty pieces of software designed to damage, disable, or steal money from the user's bank account, are being targeted at smartphones.
Thankfully, like PCs, there are security available for smartphones from vendors such as Symantec, McAfee and many others.
The problem is that too few smartphone owners are using the apps. Yet once the firewall and anti-virus software are configured and kept updated, it becomes a whole lot more difficult to hack a smartphone.
Getting it wrong can be financially disastrous for a business. The big risk is losing mission critical information, which can cost big money. It's also bad for PR. Just look at the bad publicity Hell Pizza got when hackers got their hands on 230,000 customer names, email addresses, passwords, and pizza preferences.
As well as preventing security breaches, every business should have "resilience" (AKA disaster recovery) plan in place should its smartphones and tablets be lost, stolen, or subjected to malicious attack, says Wolfe.
*Hampel says small business owners who want to know more about smartphone security can contact their local Telecom Business Hub for advice.