Security firm Check Point have identified a number of vulnerabilities in microchips used in Android devices, that allow hackers to gain access to and control the entire device, with the power to change or delete files and apps, access the device screen, its camera, microphone and its data!
With the BYOD (Bring Your Own Device) being so common now within firms, a vulnerability in mobile devices on this scale presents a huge risk to business. This vulnerability gives the criminal potentially unfettered access to entire company systems with relative ease.
Patches have been released by the chip manufacturer (Qualcomm), so that the equipment manufacturers can update the devices affected.
This issue illustrates why IT teams and businesses need to be aware of all the devices being used in their business and on their networks, the data that those devices are trying to share and access, and how up-to-date and secure those devices are.
If you allow BYOD in your business, you need to have robust and enforceable policies in place to protect your data and that of your customers. You also need to ensure that your IT departments are on top of their patching regime (they should have one). The way to do this is to have an Information Security Management System (ISMS) in place that complies with ISO 27001, covering your entire business.
ESID Consulting design and implement ISO27001 compliant Information Security Management Systems within companies and organisations to mitigate these risks and the multitude of others that pose a threat to businesses.
For help and advice on how to protect your information and that of your customers please contact ESID Consulting via email firstname.lastname@example.org or Telephone 0844 358 2362.
The full article for this piece can be found here