Tag Archives: mobile device

Do you connect your mobile phones to rental cars?

Posted on September 7, 2016 | Leave a comment

One huge mistake people make when renting cars
Rental_Bluetooth

There are plenty of reasons to rent a car, from leaving a less reliable or gas-guzzling car behind on a long trip to getting around a city on a business trip or while your car is being repaired. It’s not necessarily cheap, but if you need to move around a lot, or go any substantial distance, it isn’t any worse than taking a cab or calling for an Uber, and it might be more convenient.

Is your company leadership connecting to rental cars with company phones and leaving text messages, contacts, call logs? Is there deal information or IP in those text messages?

There is a hidden danger, though, that not a lot of people realize. Rental companies upgrade their fleets regularly with newer-model cars, which means your rental has new technology, including a high-tech infotainment system. That’s not the bad part.

Newer infotainment systems let you pair up your smartphone via Bluetooth so you can take calls over the car’s audio system, dial from the center console or stream your music. Others include USB so you can get everything I just mentioned and charge your phone at the same time.

That’s also not the bad part, as long as you own the car. When you’re renting, however, it can be a danger.

When you connect up to a car with Bluetooth, the car stores your phone number to make it easier to connect later. It also stores your call logs, and possibly even your contacts. This isn’t something you want sitting around for the next renter.

Go into the settings (it will vary for every car model) and delete your smartphone from the list of previously paired Bluetooth gadgets. That should wipe your call log and contacts as well. If it doesn’t, look for an option to clear user data or do a factory reset. Talk to the employees at the car rental place if you can’t find these options.  Like any hard drive, you can possibly still recover data after it is wiped.

If you used the car’s navigation system to get around, be sure to go in and clear your location history. You don’t want the next person knowing where you’ve gone, or where you live. If you own the car and are selling it, you’ll want to do this kind of wiping as well.

Aside from privacy concerns, there’s a security concern, too. We now know that cars can be hacked, and as they get more advanced the chance that a car can get infected with a virus increases. If the car’s system was compromised by a hacker or previous renter, hooking up your phone would give a hacker access to everything on it.

The obvious solution is to not pair your phone with the car’s systems at all. If you want to listen to music, use an auxiliary cable to connect the headphone port on your phone to the audio system directly.  For charging, use the cigarette lighter instead of the USB port.

If you want to do hands-free calling, you can purchase a third-party Bluetooth audio kit that does the job.  It’s also great for adding this feature to an older car with a less advanced infotainment system.

Hopefully, the privacy concern with car infotainment systems should be going away in the future as Android Auto, Apple CarPlay and similar systems become standard on more cars. These systems don’t store any information, they just read it off your smartphone. So when you take your smartphone out of the car, none of your information stays.

Of course, it will be years or even decades until cars with less secure infotainment systems are off the market or no longer in used car lots. And you never know what other systems will come out in the future and how secure they’ll be.

Please share this information with everyone.

 

Leave a comment

Posted in Cyber Security, Data Breach, eDiscovery, Forensic, Hacking, Security, Technology

Tagged , ,

New Cyber Security Ideas for 2016

Posted on March 11, 2016 | Leave a comment

2016_Data

In the last 5 years, almost all businesses, big or small, have realized just how vulnerable they are to cyber-attacks. The astonishingly increasing number of attacks each year trouble corporate heads so much that they spend hours on end discussing their company’s cyber security system. The IT professionals and Chief Information Security Officers (CISOs) are even more troubled, for they keep seeing their efforts foiled by hackers.

The number of big corporations targeted in 2015 only goes to show that no one is completely safe. Wherever you look, there is an Ashley Madison data breach case or a Home Depot or JP Morgan Chase case story from the past year that will make you realize just how precarious security structures are. To help corporations beef up their security better in 2016, we discuss some new ideas.

  1. Being aware of the data stored

It is quite astonishing how many big firms do not have any idea what huge chunks of data in their systems are about. Technologies like the Internet of Things have a lot to contribute to this, but company data should be handled better. One must at least know what is stored in their systems. That would provide them an idea as to what data is of the most priority and what needs to be protected most against threats.

  1. Focus on protecting data

The most infamous cases of 2015 related to data breaches of global services and corporations. Yet, corporations think that beefing up their firewalls and security perimeters is the answer to such attacks. They couldn’t be less accurate. Attacks like these go to show that protecting your data is the main priority. Encrypting different clusters of data with secure mechanisms is vital to prevent data from being compromised easily should unauthorized personnel make it into corporate network.

  1. Address the Mobile threat

Many corporations use the idea of Bring Your Own Device, allowing employees to use their personal device in the workplace. It is always safe to assume that most employees do not take the necessary security measures for their mobile devices. This invariably puts corporate data on such devices at great risk. IT admins need to have better control over such devices. They need not have more control, but better control.

  1. Spread awareness

It is never a bad time to spread awareness among employees, however small or high ranking they are, about the different threats they face. Ignorance should never be doubted or disregarded, for it is always present around you. Interacting with employees regularly about the different threats present and sharing ideas about improving security are good practises.

  1. Take insider threat seriously

You might shell out millions of dollars trying to protect your network from outside threats only to be undone by one of your employees clicking on a wrong link and compromising some sensitive data on his or her system. Hackers regularly send malicious emails to many employees in a firm in hopes that one of them falls for it, and they quite frequently do. Encourage your employees to be more vigilant, for such emails can quite easily be spotted.

Conclusion

We saw in this article how some new ideas can aid companies in improving their security against attacks from hackers. These are just some suggestions, which can definitely be improved upon post further study and research into the matter.

Leave a comment

Posted in Cyber Security, Data Breach, Hacking, Security, Technology

Tagged , , ,