The usage of self-managed mobile devices can leave you up the creek!

Bring Your Own Device (BYOD) - Just Don't Do Anything With IT!

it's great isn't it. All your work email on your phone, and access to file storage etc. What about those other apps your colleagues use though? A BYOD policy at many workplaces is great for the business, it empowers and enables staff to be better integrated with the business, and saves the business a bit of money on tablets and mobiles. WIFI Finder aims to make life even easier by sharing Wi-Fi access between users.

The only problem is that in this particular case users of the app called WiFi Finder may have dished out your Wi-Fi password, network name (SSID) and Access Point location to millions of other users, unbeknownst to them. ~2 million user credentials were left on an open server (which DigitalOcean has agreed to delete), for any wannabe hacker (or anyone that stumbles across it!) to copy and make use of. That is quite a big flaw, to say the least. Once on a network a hacker could unleash all sorts of mischief.

So is it possible to lock down your devices? Yes you can, if you have a Samsung (Knox) and are using Microsoft InTune. In that case you can have complete control from the Intune control panel. Knox is a very powerful feature for Samsung Android which comes pre-installed on most devices. If you are unsure if you have it you can check the features of your handset. Whilst most of us will not have one of these models of phone, or may not even have heard of Knox you can at least clamp down (on most devices) by using InTune to ensure they are encrypted, and can be remotely locked and wiped.

So in other words, be aware that if your staff have personal devices that they use for work (which are not Knox managed), then there is always the possibility that some sensitive data could be leaked. And if you downloaded WIFI Finder, uninstall it and change your Wi-Fi password, seriously!

For more information or a free security audit call us on: 01865 988 217

Follow us here LinkedIn or here Twitter