android data confidentiality tips and tools for keeping corporate confidential information...
TRANSCRIPT
ANDROID DATA CONFIDENTIALITY
Tips and tools for keeping corporate confidential information confidential on Android Mobile Devices.
Alex Mayer
University of Houston
Abstract
Employees are increasingly relying on mobile devices to perform daily job functions. Today's mobile devices are what connect the employee back to the office. Confidential company information remains on the mobile devices after they are at the end of their lifecycle. Company’s need to be able to secure confidential data left on mobile devices in order to meet security and business policy objectives.
Mobile Device’s in Corporate Environments
Most, if not all large companies issue mobile devices to their employees
Mobile devices can connect to any and all information systems used by companies
Confidential company information is stored on mobile devices and remains on the devices when they reach the end of their life cycle
When a mobile device malfunctions, it is important to get into the device and backup the confidential data and destroy any and all traces of that data.
The Android operating system is fast replacing RIM and Windows Mobile devices which shows in the 3Q of 2010 to own 25% of the market share
Data Remanence
Lost/Stolen Confidential Company data
The Problem
Data Remanence Problem Data remanence is the left over physical data that
either has been erased or overwritten. Since mobile devices use flash for data storage, typically files are not overwritten due to the nature of how flash disks operate. There are several methods to retrieve old data from mobile devices, all of which are not easy and require some technical expertise. However, the point being that it is possible to retrieve data from mobile devices even after the data was deleted.
Lost/Stolen Confidential Company data
Stolen or lost confidential company data can have the following negative effects on any company Revenue loss Competitive advantage loss if data
is sold to competitors Law suites if data contains
confidential employee or clients information
The Solution
DESDROID
DESDROID
Collection, data cleansing, and disposal of wireless devices. This software service secures corporate data assets and completes the lifecycle of individual communications devices in an environmentally responsible manner, while also providing your organization an opportunity to earn potential cash rebates based on the device type.
In order to delete confidential data from the mobile device, I have created a flash disk compilation of Android software, called DesDROID. These apps are needed to destroy system and user data on Android Mobile Operating System 2.1 and 2.2. All the following files will be located on DesDROID disk, and are apps all free to use.
• Root Explorer• SPRecovery• Terminal Emulator• Superuser• Androot
Summary Mobile devices are increasingly being utilized by business
to help ease the gap between work and home. Most enterprises currently use some type of smart device
for their employees, consequently the confidentiality of data on these devices needs to be maintained.
As mobile devices become more important in daily business processes, it is equally important to ensure information contained on those devices does not get into the wrong hands.
Using DesDROID will positively impact your business by ensuring confidential data is not lost or stolen. By taking these necessary steps, your business complies with business standards and reduces unneeded risk.