un-earthed

I am not one who makes a habit of shoulder surfing, that is, peering over the shoulder of others to observer what they are doing, somewhat like spying. After all, it is rude and poses a serious breach of security, but something really caught my attention on my train trip into work this morning, I could not help but notice the iPad 2 that the gentleman sitting next to me had only recently purchased. Being new technology, I decided to take a quick, casual peek at its sleek white contoured exterior and crisp graphical display. The iPad owner would have been in his early thirties, had pasty white skin, some acne and was wearing clothes that look like they were purchased from a discount retailer.

But it was neither he, nor his iPad which led my eye to continue wandering; it was what was on his screen. If you were expecting me to say “pornography”, sorry to disappoint; it was not pornography. So what was it? The simple fact that he had opened up a word processing application, selected a fairly large font size and started typing a document, which I later assumed to be a letter to his Mother, his document started with:

Dear Mummy,
I have decided to quit my job and I want to come home to live with you. Life is so hard at the moment…

Quite embarrassing to say the least for this thirty something man who was struggling to survive in the real world without his Mother holding his hand. I did not read any further. As I mentioned before, I do not make a habit of shoulder surfing. Now the point is that although this was potentially sensitive material, it was personal material… but let’s for a moment imagine if the gentleman sitting next to me was in fact a confident, well groomed man dressed in a tailored Italian suit, was a manager or director of a large global company and instead of typing a personal letter, used his new iPad 2 for drafting ideas for the next multi billion dollar product that his company would release within the next 12 months? Worse, still, what if I was that gentleman’s biggest competitor who saw that multi billion dollar idea and was able to not only steal that idea, but, improve on it, have it designed, produced, marketed and released before my competitor? I know these are “what ifs” but this hypothetical is not too far from the realm of possibility.

With the increase in the number of powerful multi functioned mobile devices such as tablet PCs, netbooks PCs and smartphones, Intellectual property is finding its way onto these devices and is presenting new risks:

1. Opening any sensitive material or intellectual property on a mobile device in view of others in a public place.
2. The likelihood that a mobile device containing sensitive data or intellectual property will be lost or stolen is much greater than that of a traditional notebook computer.

In the case of the first risk, it purely comes down to educating users on appropriate places to view or create corporate documents. In the privacy of your own home, even with your family onlooking, or in a taxi when you are or by yourself, or with colleagues may be acceptable, however, in places where you really do not know the identity of others who are within peering distance from you, it is important to exercise caution. Don’t even assume that just because you are sitting next to a nine year old kid on a plane that your secrets are safe. What if he was he or she was the child of the CEO of your biggest competitor?

The second risk requires a combination of user awareness education on exercising due care with relation to usage and storage of mobile devices as well as having appropriate security applications installed that, in the increasingly likely event of a lost or stolen mobile device, the device will either be wiped or will be encrypted so that access to any sensitive data will not be available.

Remembering that nowadays, your corporate data can be anywhere, anytime and requires adequate security anywhere, anytime. Without this notion your competitors could be stealing data from you!