Is there a spy on my mobile device?

BROWSE BY TAG Information Security Threats,   Wireless Network Security: Setup and Tools,   Handheld and Mobile Device Security Best Practices,   Enterprise Network Security,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Information Security Threats How to get rid of malware, botnets on a hospital IT network Should a national cybersecurity strategy include offensive botnets? How can search results lead to malware? How to prevent brute force webmail attacks How to prevent mobile phone spying What are today's antivirus software trends? How to detect input validation errors and vulnerabilities Can secure USB devices prevent man-in-the middle attacks How to prevent and build protection against online identity theft When should new browsers be adopted in an enterprise? Handheld and Mobile Device Security Best Practices Secure your remote users in 2010 Researchers find thousands of flawed embedded devices Best Mobile Data Security Products Should Windows Mobile updates come from Microsoft? MMS messaging spoof hack could have global ramifications How to prevent mobile phone spying Unified communications: Securing a converged infrastructure RIM patches serious BlackBerry Attachment Service flaws How secure are iPhone App Store mobile applications? Mobile phones win during Pwn2Own contest Handheld and Mobile Device Security Best Practices Research

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

This is a growing area of concern, as many people are trying to get more and more "hands-free" with their phones. Numerous products now utilize Bluetooth as a medium for wireless headsets, tethering and synching files with computers. It's important to always keep in mind, though, that these technologies have security risks associated with them, even if they make it easier to use products like mobile phones.

First, I would not use the Bluetooth headsets if the risk of eavesdropping is unacceptable to your organization. There is an excellent video by Josh Wright of Inguardians Inc. in which he demonstrates the dangers of using a Bluetooth headset. I would also recommend becoming familiar with the tools that can be used against your phone's Bluetooth capabilities, including penetration testing suites like Bluediving.

It is also important to train corporate employees to use caution when using their phones. Tell them, for example, to be wary of the websites they surf. Your corporate Web policy should mention that company phones should not be used to access questionable websites. Your users should also be careful to not lose their phones or leave them unattended.

You should also attempt to train employees that carry corporate phones to use some discretion. There have been many times where I have overheard seemingly sensitive conversations because people are talking loud enough for everyone in the airport terminal to hear.