Smartphone kill switch: the big red button
The Smartphone Theft Prevention Act is a newly proposed bill in the US which, if passed, the government hopes will go some way in reducing the $30bn of tax-payers' money currently being lost to smartphone thieves each year.
Mobile devices are no longer just a way for people to stay in touch on the move – they've become an extension of both our personal and professional lives. So not only is it inconvenient to have your phone stolen, it actually poses a significant security threat to you and your business. The proposed bill suggests installing a remotely activated "kill switch" onto all smartphones that, when triggered, would render a device completely useless.
Obviously its purpose is to protect us as users, but that kind of judicial power could so easily be abused once the infrastructure is up and running. What if the system was cracked by hackers, who could then disable huge numbers of smartphones at a time with just the push of a button? Or imagine if hackers targeted groups like the emergency services or the Ministry of Defence - the consequences would be catastrophic.
Until very recently, providers have been hesitant to employ such drastic tactics, suggesting the use of less invasive software tracking and data erasure options instead. However, Apple and Samsung now have a similar function available on the iPhone and Galaxy S5, but at the moment you still have to opt-in to activate it. If the Smartphone Theft Prevention bill passes, it would mean the kill switch was automatically activated and consumers would have to opt-out to bypass it.
If organisations want to keep control of the data stored on their remote devices, risk management is going to play a pivotal role here - especially if they operate a BYOD policy or have any number of remote workers. Backing up and encrypting sensitive data becomes more important than ever. If someone had the power to render all of your company's mobile devices useless at the flick of a switch, you need to have a copy of that saved somewhere safe, secure and easy to restore from.
Cracking techniques are too sophisticated to ignore. Safe-guarding your devices with functions like a kill switch may be soon be necessary to protect the loss of your data. This now becomes a new risk to be included in your business continuity plan. If your remote workers all go down at the same time, you need to be able to get them all up and running as fast as possible. Failing to have a disaster recovery process in place could end up proving very costly indeed.