Return of the Guru

The Latest Hacking Tool: The Smartphone

Ara Trembly
Insurance Experts' Forum, October 20, 2011

The idea that technology is developing at a speed far faster than our ability to cope with it has been frequented in this blog. Specifically, as we move on to new devices, we are unexpectedly faced with inherent challenges spawned by those devices.

A recent posting on ScienceDaily reports that hackers could potentially use recent models of Smartphones to track what a person is typing on a keyboard just inches away. As the article notes, many of us undoubtedly have the devices nearby—in our pockets or on our desks—while working at our office computers.

According to the posting, a research team at Georgia Tech has discovered how to use a Smartphone accelerometer—the internal device that detects when and how the phone is tilted—to sense keyboard vibrations and decipher complete sentences with up to 80 percent accuracy. The procedure is not easy, but definitely possible with the latest generations of Smartphones.

Admittedly, it is not likely that many such attacks will take place in the near future on insurance or financial enterprises, much less elsewhere. But like many hacking technologies, it is likely to evolve to a point where it presents a much more immediate danger. The real issue here is one that insurer and financial services IT executives have been struggling with for several years—namely, which devices do we allow to access our enterprises?

Of course, anyone could carry a Smartphone into work and carelessly place the unit so as to allow remote hacking by someone with enough interest and fortitude to go through this particular process. That would just be a matter of chance, however. I am inclined to think that the real threat is from corporate spies or simply disgruntled employees who want to steal vital information (passwords, account numbers, confidential memos, social security numbers, etc.) for ill-gotten profit or for plain old revenge. How difficult would it be to place a Smartphone near the computer of a colleague who was dealing with such sensitive information? Not terribly challenging.

So while the threat from newer Smartphones may not be imminent, we must keep it in mind as we look to secure the volumes of confidential data with which we deal in our industry. It is already well known that, for a variety of reasons, wireless computing devices like Smartphones present security risks to our enterprises and data. The new Smartphone hacking technology just adds fuel to the fire in the debate over what devices should or should not be allowed inside our corporate walls or inside our networks.

It may well be that we will see some companies literally requiring their employees to leave their Smartphones or other devices at the door as they enter. IT executives must weigh the risks of allowing wireless devices in the business environment against the clear popularity of such devices with their employees. And in the insurance game, “risk” is a dirty word.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

On Thanking the Regulator … Really

The Financial Conduct Authority is demanding higher standards of consumer protection from insurers, which could lead to greater customer engagement and understanding.

Competing with the Coasts for Tech Talent

Are heartland-based insurers at a recruiting disadvantage for tech skills?

Putting Your Investments Where Your Transformation Is: Part 2: Optimizing Your IT Investments Portfolio

Sam Medina continues a 3-part series on Transforming the IT Investment Budget in order to fund new programs and initiatives without the necessity of additional capital expense.

Boosting Performance with Integrated Underwriting Tools

A unified, comprehensive platform can help underwriters perform their jobs more efficiently and profitably.

Apply Mindfulness to Leadership

Managers can benefit from applying this theory both to their career aspirations as well as to interactions and expectations of staff.

Opinion: Halbig Decision Creates New Level of Uncertainty for Obamacare

Time will tell if the Halbig decision remains viable. But in the meantime, a new level of uncertainty has been injected into the process.

Advertisement

Advertisement