United StatesChange Country
Business Cards
View All Business Cards
Compare Cards
Corporate Card Programs
For Startups
For Large Companies
Payment Solutions
International Payments
Employee Spending
Vendor Payments
Automated Payments
View All Payment Solutions
Business Class
Business Class
Insights and Inspiration to Help Grow Your Business
Managing Money
Cash Flow
Financing
Taxes
Getting Customers
Marketing & Sales
Customer Relations
Digital Tools
Social Media Strategy
Building Your Team
Hiring & HR
Company Culture
Leadership
Productivity
Planning for Growth
Strategy
Growth Opportunities
Research
Operations
Find a Solution
Business Class

February 21, 2012

Why Your "Stale" Device Can Create Tons of Fresh Problems

Why Your "Stale" Device Can Create Tons of Fresh Problems

Courtney Rubin

Business Writers

Summary

Your out-of-date computer firmware could be putting your company's data at risk.

Never mind the doughnuts in the break room going bad (they probably don't even last long enough for that) – it's the stale devices you really have to worry about.

That's the latest from stealth Seattle startup Mobilisafe, which found that more than half (56 percent) of Apple devices at small and medium-sized businesses were running out-of-date firmware, thus possibly compromising company security. Small companies are even more vulnerable to this problem than larger ones because some 80 percent of employees use their personal devices at work, as opposed to approximately 60 percent in larger firms. (That's because small businesses tend to subsidize employee cell phone plans instead of just issuing corporate devices, as big companies would do.)

Said Mobilisafe CEO Giri Sreenivas: “Associated with the high penetration of these devices with the small and mid-sized businesses is a lot of risk, a lot of risk around vulnerabilities, and a lot of risk around devices running out-of-date firmware."

He cited a recent hacker exploitation of the way Apple devices connect to Safari that allowed remote jailbreaking of iPhones, iPads and other devices. If company employees haven't updated the devices with the patch, cybercriminals could be using the vulnerability to run malicious code.

“There were PDFs on the Web that were taking advantage of this exploit, and there were a number of attacks,” Sreenivas told GeekWire. “Corporate data could be leaked off the device to a random server in China or Russia.”

Mobilisafe, founded in 2010 and operating on seed funding, currently is developing a software service designed to help small-firm IT departments manage what's referred to in the industry as the BYOD (bring your own device) trend.

In the past three months, while developing their product, the company has tracked some 40 million mobile device "connections" with a company IT system across a range of industries. (The number is so eye-popping because a single e-mail represents one connection.)

“These small and medium-sized business IT managers are significantly underestimating the number of mobile devices and the kinds of mobile devices that are coming in,” said Sreenivas, a former T-Mobile software architect. “It’s a blind spot, and they’re fully aware of it.”

Other findings: 39 percent of "authenticated devices" were inactive for 30 days or more, meaning that the devices–containing employee credentials and sensitive corporate data–possibly were lost, stolen or misplaced. Motorola, for example, recently announced that refurbished Xoom tablets accidentally were sold with data such as passwords still on the devices.

Bottom line: Take the three minutes now to download security updates for your device. (Bonus points for your multi-tasking if you do it while leaving a comment below...)

Photo credit: Thinkstock