Should you run your pet grooming business from your phone or tablet?
By now, you’ve probably read some version of Wired’s February 2015 prediction that your smartphone could become your sole computer by 2017. And maybe you’ve read that Salesforce’s CEO Marc Benioff and other Fortune 500 executives run their business from their phone. Thanks to improved processing power, longer battery life, faster-than-ever networking speeds, larger screens, and apps like collaboration, marketing, and accounting tools, you could, too. But should you? If you keep proprietary information or personally identifiable information such as clients’ names, addresses, driver’s license numbers, or credit card numbers on your computer, the answer is no. Here are two reasons why.
Hackers Only Need a Phone Number to Damage Your Business
For a segment that aired in April 2016, a “60 Minutes” correspondent traveled to Germany to meet hackers who research vulnerabilities in smartphones, SIM cards, and USB sticks and warn corporations about their findings. Hacker Karsten Nohl said a phone number could enable him to pinpoint the user’s location, determine where the person works, and identify who he meets and when. Nohl said he could even read texts and eavesdrop on calls, regardless of the phone the person used.
He proved this by tapping into a brand-new iPhone that “60 Minutes” shipped to a congressman in California. “60 Minutes” gave the phone number to Nohl’s team, who tracked the congressman down to Torrance, listened to a call and played it back for him, and recorded every phone number that called him, which put those numbers at risk of being hacked as well.
“They were able to do it by exploiting a security flaw they discovered in Signaling System Seven, or SS7,” the “60 Minutes” correspondent said. “It is a little-known but vital global network that connects phone carriers … Every person with a cell phone needs SS7 to call or text each other.”
Pin numbers and app choices have no effect on that network, Nohl said. And criminals have proven they can access it.
Hackers Don’t Even Need a Phone Number
Hacker John Hering, co-founder and executive director of mobile security consulting company Lookout, told “60 Minutes” that only two types of companies or people exist these days – “those who have been hacked and realize it and those who have been hacked and haven’t.”
He was able to access the correspondent’s email, a ride-sharing app, and the credit card information attached to that account when she logged on to a spoof, or fake version, of a hotel’s Wi-Fi connection. When she clicked a link that Hering texted her, he installed malware that enabled him to spy on her via her phone camera.
Jon Oberheid, co-founder and chief technology officer of Duo Security, a company that protects organizations from data breaches, told her that human gullibility is the greatest risk to mobile security.
“They install malicious applications. They give up their passwords every day. And it’s really hard to fix that human element,” he said.
Your customers trust you to keep their personally identifiable information safe. Don’t jeopardize your company for the sake of convenience.
Thanks for reading GroomPro POS’s Blog!