Mobile device management in an age of paranoia

By Johna Till Johnson, Network World |  Mobile & Wireless

Smartphones don't look particularly dangerous. But in the wrong hands, they can cause serious damage to a company's finances, reputation, and even long-term survivability. And those "wrong hands" aren't always the folks on the wrong side of the law.

Increasingly, law enforcement is targeting smartphones and other mobile devices as a way to catch criminals -- with potentially disastrous implications for businesses and other organizations that rely on mobile-enabled employees.

Most recently, in a ruling last week, the California Supreme Court permits police to search cellphones and mobile devices without requiring a warrant. According to the ruling, in the event of an arrest California police have a legal right to search not just phone records, but all applications and data that reside on the device -- including corporate-owned data.

The actual case involved an individual, Gregory Diaz, accused of dealing Ecstasy in 2007. A Ventura County deputy sheriff arrested Diaz, who initially denied the transaction. But after searching the mobile phone and reviewing a text message string that appeared to indicate the sale of six Ecstasy pills, Diaz admitted to participating in the drug sale.

Diaz's lawyer attempted to invalidate the warrantless search on several grounds -- including the fact that as a device, a phone was not worn on the suspect's "person" (thus rendering it ineligible for search). But the Supreme Court ruled otherwise, arguing that a warrantless search of devices is acceptable.

This may not seem like a big deal, at least to companies that aren't in the habit of employing drug dealers. (And let's hope yours isn't!) But shift the facts just slightly and the problem becomes evident.

Let's say that instead of a drug dealer, the victim was a doctor, arrested for speeding. (Doctors never speed, right?) And let's say instead of searching a text message string, the officers looked at Protected Health Information (PHI) on the doctor's mobile device — and uncovered a list of patients under treatment for, say, AIDS.

The potential consequences to the hospital are devastating: Not only must it inform patients of a privacy breach (an effort which can, by itself, cost millions of dollars). It may also face fines and legal action for allowing the information to be revealed in the first place.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness