TMCnet News
BT: Research Reveals At Least One In Five Second-Hand Mobile Devices Still Contain Sensitive Information; Today's Sophisticated Devices Exacerbating The Problem Of Keeping Sensitive Information Safe(M2 PressWIRE Via Acquire Media NewsEdge) RDATE:25092008 New research from BT, the University of Glamorgan in Wales and Edith Cowan University in Australia has revealed that a significant number of hand-held communication devices which are bought second-hand still contain sensitive company and personal information. The survey of over 160 used gadgets found a range of information including salary details, financial company data, bank account details, sensitive business plans, details of board meetings and personal medical details. The devices containing the greatest volume of information were discarded Blackberry devices which in a number of cases were left unprotected, despite having security features like encryption built in. Forty-three per cent of those examined contained information from which individuals, their organisation or specific personal data could be identified creating a significant threat to both the individual and the organisation. It is thought that this is the result of the increasing adoption and use of this type of device by organisations to support increasingly mobile workforces. Whilst being far less sophisticated, 23 per cent of the mobile phones examined still contained sufficient individual information to allow the researchers to identify the phone's previous owner and employer. In one example, a Blackberry was examined that had been used by the sales director for Europe, the Middle East and Africa (EMEA) of a major Japanese corporation. It was possible to recover the call history, the address book, the diary and the messages from the device and the information that was contained in these provided: The business plan of the organisation for the next period The identification of the main customers and the state of the relationships with them The relationship of the individual with their support staff Details of the personal life of the individual including details of their children and their occupations, movements, marital status, addresses, appointments and addresses for his dental and medical care providers Bank account numbers and bank sorting code Car make and registration index Dr Andy Jones, head of information security research at BT, who led the survey, said: "Given the level of exposure that the subject of security and identity theft has recently received, and the availability of suitable tools to ensure the safe disposal of information, it is difficult to understand why organisations are not taking the necessary precautions when disposing of hand-held devices. These everyday items now contain sophisticated digital memory capable of storing huge amounts of sensitive data. Organisations must ensure that adequate procedures are in place to destroy any data and to check that these procedures are effective." Dr. Iain Sutherland, who leads the research team at the University of Glamorgan, added: "Many large organisations currently dispose of obsolete hand-held devices by donating them to charities. It was discovered during the course of the research that a number of these charities then pass on a large percentage of these devices to places like China and Nigeria, both of which are regarded as posing a real threat to the security of information." The research highlights a lack of awareness amongst businesses about the amount of data that can be retrieved from mobile devices. The situation is made more complex as most of the devices are provided by a the end of their effective life, in most cases somewhere between one and two years, they have little or no residual value and they are not, in most cases, given any consideration with regard to the data that they may still contain. For a significant proportion of the devices that were examined, the information had not been effectively removed and as a result, both organisations and individuals were exposed to a range of potential crimes. These organisations had also failed to meet their statutory, regulatory and legal obligations. The research was undertaken at the BT Centre for Information and Security Systems Research, the University of Glamorgan and in Australia at Edith Cowan University in Perth. The results were based on the examination of 161 hand-held devices that were purchased from on-line auction sites, commercial organisations involved in the supply of second hand hand-held devices and auctions or were donated to the research by SIMS Lifecycle Services. About BT BT is one of the world's leading providers of communications solutions and services operating in 170 countries. Its principal activities include the provision of networked IT services globally; local, national and international telecommunications services to our customers for use at home, at work and on the move; broadband and internet products and services and converged fixed/mobile products and services. BT consists principally of four lines of business: BT Global Services, Openreach, BT Retail and BT Wholesale. In the year ended 31 March 2008, BT Group plc's revenue was GBP20,704 million with profit before taxation of GBP2,506 million. British Telecommunications plc (BT) is a wholly-owned subsidiary of BT Group and encompasses virtually all businesses and assets of the BT Group. BT Group plc is listed on stock exchanges in London and New York. For more information, visit www.bt.com/aboutbt CONTACT: BT Group Newsroom Tel: +44 (0)20 7356 5369 Justine Manche, BT Global Services PR Tel: +44 (0)20 7356 5371 e-mail: [email protected] WWW: http://www.bt.com/newscentre Tom Gilbert, Fishburn Hedges Tel: +44 (0)20 7544 3084 or e-mail: [email protected] ((M2 Communications Ltd disclaims all liability for information provided within M2 PressWIRE. Data supplied by named party/parties. Further information on M2 PressWIRE can be obtained at http://www.presswire.net on the world wide web. Inquiries to [email protected])). Copyright ? 2008 M2 Communications Ltd. |