Lost & Found: Another Security NightmareLost & Found: Another Security Nightmare

I could give up my iPhone and you could give up using USB memory sticks without encryption. How likely is that?

The presidential inauguration in D.C. left the METRO lost and found bulging with personal items: purses, luggage, clothing and electronics devices such as cell phones and PDAs. The local media folks are probably right that folks got caught up in the moment. For those not caught up in the excitement, Credant Technologies conducted a study last September among taxi drivers in London and New York, and found that over 12,500 handheld devices such as laptops, iPods and memory sticks are forgotten at the back of taxis every 6 months.Credant also noted that 9,000 USB sticks have been forgotten in people's pockets as they take their clothes to the local dry cleaners. Credant also warns the business community and individuals to be vigilant when traveling with their mobile devices, especially as many of these devices now have the capacity to store as much as 10,000 Word documents, 11,000 pictures, 500,000 contact details or an amazing 1.1 million emails, making them an obvious target for identity theft criminals and hackers who can steal this information and assume the identity of the user both in their personal or business life.

I admit I like traveling light and that means not dragging a laptop around. Seriously, if I lost my iPhone, there's only a 4-digit password preventing the finder from accessing what's stored in my iPhone: Remote Desktop to customer sites, contact and personal information. You can imagine what's found on USB memory sticks. Seemingly miniaturization, portability and mobility have made it easy for us to expose ourselves and companies. Managing endpoints includes things without a tether.

While my iPhone supports secure Remote Desktop, Cisco IPSec VPN and WPA2 Enterprise with 802.1X authentication, the only barrier to keeping these connections safe should I lose my iPhone is a feeble 4-digit password and a phone call to AT&T to disable the lost phone. Even with a disabled phone it won't take too long to gain access to the information stored within the iPhone. So securing and managing the endpoints is a good thing; it's hardly obtainable when the devices get lost and then found by someone other than the owner. Of course I could give up using the RDP feature on my iPhone and you could give up using USB memory sticks without encryption. How likely is that?I could give up my iPhone and you could give up using USB memory sticks without encryption. How likely is that?