5 ways to secure your BlackBerry

It seems we can't go a day lately without a new story about some security screw-up involving a lost or misplaced BlackBerry. This week, officials with John McCain's campaign mistakenly sold a BlackBerry to a Fox television reporter for $20 in a fire sale. The device contained confidential campaign information. And many Hollywood gossip publications were abuzz earlier this month with news that Tom Cruise had lost his BlackBerry while promoting a movie in Toronto. (Mixed reports now peg the device as either "found," or "never lost in the first place.")

In light of all of the slip-ups making headlines, it's no wonder that White House officials want President-elect Barack Obama to relinquish his BlackBerry before taking office. At this time of heightened concern about the security of mobile devices, CSO asked Dan Hoffman, author, mobile security expert and CTO at SMobile Systems, for his advice on ways to keep your BlackBerry safe.

Treat your BlackBerry like a PC. You wouldn't shop online, open e-mail attachments and check your bank account on your PC without having the proper firewalls and anti-virus and anti-malware protections in place, would you? So why are you doing it with your BlackBerry? A BlackBerry is a mini computer, said Hoffman.

"The perception that viruses and malware are not a problem on BlackBerries is outdated," said Hoffman. "The reason we don't hear about widespread infections is because the nature of malware has changed. Infections used to be done for fun and notoriety. Now these crimes are financially motivated."

Without software that can scan for problems and update virus definitions, BlackBerries can be quietly infected without their owners even knowing it, said Hoffman. And the creepiest part of that news is that the most popular type of malware currently seen on BlackBerries is spyware, according to SMobile research.

"Spyware can intercept every e-mail and text message that goes in and out of the device. And it can remotely turn on the phone and listen in on conversations," said Hoffman.

Watch your back. Does this sound familiar? You're killing time during a layover in Dallas by doing some housekeeping on your BlackBerry -- checking and responding to work e-mails, making important work-related calls, maybe even checking your bank account.

"I can't even tell you how much personal and sensitive information I've inadvertently seen or heard over the years because of what people were doing with their mobile devices," said Hoffman.

Hoffman recalls a recent flight where he sat directly behind a BlackBerry user who was organizing all of his passwords and entry codes.

"I could see everything though the seats," said Hoffman.

His point? Be discreet. Keep your private information private by taking care of business in a place where prying eyes can't see. And keep the conversations in front of people to a minimum. Besides risking a potential breach, you also risk annoying your neighbor.

Keep it on you at all times. This may sound like the most obvious piece of advice, but Hoffman says that most BlackBerry-related security problems begin with the owner misplacing his device.

"They are small and just left everywhere," he said.

Popular places for slip-ups and loss include bars and restaurants, where people place the gadget on a table or a bar, get into conversation and forget about it. This opens up not only the possibility that it will get left behind, but also the possibility that it will get stolen. Even a temporary theft can be damaging; the bad guy can obtain sensitive data or install a Trojan horse within a matter of seconds, said Hoffman.

Have backup. OK, so you didn't follow the last step and now you have no idea where your BlackBerry is. What can you do? It depends on whether you've prepared for this scenario.

If it's a corporate device and you work for a company with an enterprise BlackBerry server, contact IT immediately. They can remotely lock or wipe the device. If it is your personal BlackBerry, or if your company doesn't have that kind of support, you should have installed software that gives you that kind of capability. Investing in a program that gives you remote access means you can lock the device so others can't get into it. You can also back up the information you have stored on the BlackBerry and wipe it clean if you think it's gone for good.

If you invest in a remote access security system, said Hoffman, a lost device is simply a lost device, a piece of hardware. If you act quickly enough, you won't lose sensitive corporate data.

Utilize encryption. On devices from Research In Motion Ltd., encryption is there, said Hoffman. Users simply need to activate it. But many, unfortunately, do not.

This story, "5 ways to secure your BlackBerry" was originally published by CSO.

Copyright © 2008 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon