Page 18 - Mobile Data Loss
P. 18

12    Mobile Data Loss

          USER DATA LOSS

          Users are empowered with a plethora of ways on a mobile device in which
          data can be shared across apps, to cloud repositories, device backup sync-
          ing with cloud services, and more. Some data loss is accidental, while
          others are intentional. The 2015 Verizon Data Breach Investigations
          Report concluded that 20.6% of incidents were caused by insider misuse. 4
          Andanadditional15.3% stemmedfromphysicaltheft or loss.
             Many inherent features are available in iOS and Android to allow
          data sharing. In iOS, features such as AirDrop and URL Schemes
                                                                           6
                               5
          allow sharing of data. In Android these are referred to as “intents. ”
          These features, while respecting the application data sandboxing, do
          allow some user-driven behaviors. For example, an user can receive a
          corporate email with an attachment in their email app, open the
          attachment in a document editing app, and then upload it to a per-
          sonal cloud file and sync sharing service through a third app.
          Additionally, the mobile operating systems allow features like copy/
          paste, open-in, upload, screenshot, and more. The real challenge to the
          mobile administrator is that these behaviors change every time a new
          version of the operating system is released, and releases are frequent!

             Many of these user-driven data loss threats are accidental. Our
          mobile devices are designed to automatically sync with backup cloud
          services. Users are frequently unaware that they may be backing up
          sensitive corporate data to their personal cloud services.
             User data loss can also occur from the myriad of network services
          running on a device. These can include cellular, Wi-Fi, Bluetooth,
          NFC, IRDA, and more.
             Cyber espionage is also growing at an alarming rate. The implica-
          tions in mobile are huge. In fact, the Verizon Data Breach
          Investigations Report 2015 concluded that cyber espionage compro-
                                                  7
          mised 18% of “confirmed data breaches.” Users can share data in a
          variety of ways, as mentioned earlier. But IT management of mobile
          devices through an Enterprise Mobility Management solution may

          4
           http://www.verizonenterprise.com/DBIR/2015/ Data Breach Investigations Report by Verizon
          5 https://developer.apple.com/library/ios/documentation/iPhone/Conceptual/
          iPhoneOSProgrammingGuide/Inter-AppCommunication/Inter-AppCommunication.html
          6 https://developer.android.com/guide/components/intents-filters.html
          7 http://www.verizonenterprise.com/DBIR/2015/ Data Breach Investigations Report by Verizon
   13   14   15   16   17   18   19   20   21   22   23