A lot of chatter has appeared on the security of Apple’s new iPhone. As with any new technology, it is to be expected that some security issues will be identified and fixed.
More importantly though, the phone’s release indicates we as security professionals should be prepared to investigate security incidents on mobile devices. This new generation of smartphones is much more likely to be purchased or requested by employees as a status symbol than is the average laptop. As such, it may be used to transport corporate data and could fall within the scope of a forensic investigation.
Unfortunately, mobile phone technology is technically harder to investigate:
Organizations should therefore take a number of decisions regarding the use of cell phones: one example is whether they should provide employees with cell phones or support a number of acceptable ‘employee-owned phones’ over which they may have less control? Policies should also be developed to govern the use of mobile devices.
Incident response groups should commence the first step of the incident handling cycle: Prepare! This includes adding the necessary tools, skills/procedures and hardware to fully support investigations on mobile devices:
Some other issues may require review with your legal team. Some of the data stored on a SIM/USIM card, for example, some data may allow an investigator to assess broadly the past physical location of a cell phone user. This could be a very significant privacy issue.
Jul 3rd 2007
1 decade ago