Are You Sure Your Project Information is Secure?

From the Voices on Project Management Blog
by , , , , , , , , , , , , , ,
Voices on Project Management offers insights, tips, advice and personal stories from project managers in different regions and industries. The goal is to get you thinking, and spark a discussion. So, if you read something that you agree with - or even disagree with - leave a comment.

About this Blog

RSS

Recent Posts

End a Business Relationship and Keep Your Cred

Fair's Fair

Give Your Project a Home

A Hollywood-Style Move From PM to Scrum Master

To Have and To Hold

Email Notifications off: Turn on

Categories: PM Think About It


Fellow blogger V. Srivinasa Rao recently wrote an interesting post about the Global Distribution Model 2.0 that is launching soon. The model holds a lot of promise and is a great framework for implementing mobile global communications tools.  

Today, the fastest rising communications and computing technology is mobile. And while this development provides exciting possibilities for improved project efficiency, it does not come without risks. I'm focusing specifically on devices with a mobile operating system, such as iOS, Android, Windows Phone 7, Blackberry or Nokia.

The reason for my concern is the speed of adoption for the devices. They now play a role in every project I manage. It may be simple communications such as email between team members, text messaging and calendar functionality, or more sophisticated uses such as remote access to project data, project management software or even video conferencing. Yet 90 percent of the time, I find that no one is really thinking through the implications of using this technology.

Think about it: With this expanded communication comes an increased risk that your project's confidential or critical information could be exposed, intentionally or unintentionally.

This information can be controlled fairly easily by IT departments on laptops, but mobile operating systems don't allow for the same kind of security just yet. You must be wary of how information may be getting communicated over your mobile device.

Information "attacks" can come in several forms. At an event where "free wireless access" is offered, for example, someone who wants to gather data illegally can set up a US$50 wireless router, name it "[Event Name] Wireless" and watch as attendees innocently connect their devices to communicate with the rest of the team. Simply leaving your Bluetooth enabled in public locations can open you up to attacks.

It doesn't even need to be something that devious. All that needs to happen is for one of your team members to lose a device that has regulated data on it. In the United States, you'll have to officially report the incident to the Federal Government.

The key takeaway here is that as our world expands, we are being given exciting new ways to coordinate and communicate with our team members across the planet. We should take full advantage of this. But we should do it with our eyes open.

How do you protect your data on a mobile device?
Posted by Geoff Mattie on: January 05, 2012 11:14 AM | Permalink

Comments

PM Hut
Hi Geoff,

This post was OK until you mentioned the $50 wireless router with [eventname wireless] as name.

While I'm sure this can be an issue, there are probably much more important things left out in this discussion. For example, let's say you have several apps installed on your Android phone. What tells you that one of these apps doesn't have a security problem, or doesn't intentionally try to take a peak at your data and report the findings back?

Geoff Mattie
Thanks, glad you enjoyed (most) of it. You may be surprised to learn that I was pulling from a real life experience regarding the wireless access point.

However, you are very right — there are myriad potential issues out there that elevate the risk of project information security. We observe length limits on our blogs which require us to make some decisions around what to include and what not to include.

I felt that if a few examples were given, it would hopefully inspire folks to dig deeper and research the risks themselves. Much like you are suggesting.

A few examples on top of yours would include poorly written apps that don't completely erase sensitive data when they are uninstalled, Trojan horse apps, "man-in-the-middle" attacks using your bluetooth connection, or simply spoofing voicemail similar to what happened with Fox News recently. Sorry for the late response. I have been out of pocket recently.


Please Login/Register to leave a comment.

ADVERTISEMENTS

"No Sane man will dance."

- Cicero

ADVERTISEMENT

Sponsors

>