800.668.7020
M-F 8:00AM TO 5:30PM CST
Better coverage. Better price.
Don't Risk IT
A Cure for Data Breaches?

A Cure for Data Breaches?

New phones might offer improvements in mobile security, but major security questions remain.

Monday, March 03, 2014/Categories: cyber-liability

In the last week, mobile phone companies have announced new products and features designed especially to enhance mobile data security. Here's what we've seen from some of the industry's heavy hitters:

  • CNET reports that the new Samsung Galaxy S5 will come with a fingerprint sensor to allow authorized mobile payments. After consumers swipe a finger over the sensor, their phone will be able to send payments via PayPal to stores that accept the digital currency.
  • PCMag details the new Boeing Black smart phone designed with government contractors in mind. The phone will "self-destruct" when the case is cracked open. Data and software will be wiped and the phone made inoperable. The Boeing Black also boasts more secure software and controls.

Rumors have swirled that Apple is also working on incorporating its fingerprint recognition technology into a payment system. After the recent data breaches and Edward Snowden revelations, tech companies are seeking ways to offer more secure devices and software.

Biometrics and Security: Why Companies Are Turning to the Human Body for Cyber Security

One of the reasons Apple, Google, and other major tech players are getting into medical devices and wearable tech is because of the potential security benefits (along with all the money they'll make).

A password is a simple but flawed way to protect data. Researchers have shown that by using password-cracking software and databases of common passwords and patterns (all available for free online), they can crack most user passwords within hours. Even encryption can be cracked (just ask the NSA).

Some security experts predict that biometrics will offer a major advancement in data security. Fingerprints, retina patterns, and heartbeats are all unique. With wearable tech like Apple's iWatch (which is rumored to be able to predict heart attacks), tech companies will have devices that actively measure vital signs and biometrics. Using the digital imprint of your heartbeat to unlock your mobile devices or make secure payments is the logical next step.

(Read our article "Wearable Wallets = Losable, Hackable Wallets" for information on the flaws of current mobile payment options.)

Whoops! Apple's 18-Month Security Flaw

Speaking of Apple, a Slate article reported that, unbeknownst to Apple's engineers, a flawed string of data accidentally exposed millions of iOS users to an exploit.

What happened? Software engineers failed to remove a duplicate line of code which accidentally re-exposed iPhone and iPad users to a security hole that was supposed to have been fixed long ago. The amazing thing is that this bad code went unnoticed in iOS for 18 months, despite Apple's software testing and stress tests.

Scratch that. The amazing thing was that this flaw was discovered by a random coder who didn't even work for the company. Apple had published its code online as open source, and luckily, some guy made it his hobby to read through it.

You would think that the engineers in Cupertino would do a better job than this, but even they make mistakes.

New Mobile Devices Still not Secure: Why Tech E&O Insurance Is Vital

While companies and mobile software developers look to produce more secure products, the simple truth remains: no device is perfectly secure.

If the past is any predictor, advancements in mobile tech will be met with advanced hacking techniques and new malware. To say nothing of the fact, that many data breaches are caused by human error.

As we saw above, even a company like Apple that hires top engineers and rigorously tests its software can have a flaw in OS that goes unnoticed for a year and a half. What do you do about these software liabilities?

Lawsuits from software defects and data breaches can all be covered with an E&O Insurance policy. E&O covers your professional liabilities (i.e., the mistakes you make as a developer, IT consultant, sys admin, etc.). If you like to learn more about E&O, visit our insurance estimates page, which breaks down Errors and Omissions Insurance cost by the size of your business.

The Small Business
Insurance Leader
800.688.1984 | 8 am - 5:30 pm CST | M-F
Customer Rating 4.9 out of 5
Read Customer Reviews

Categories

The Small Business Insurance Leader