Most people I think have a rough idea of the steps involved in replacing a lost wallet or purse. Photo ID, bank cards, insurance cards, and if you're really unlucky, social security cards or birth certificates all need replaced. Sometimes in a certain order. And the things you have to do to replace each thing can often become mini projects of their own. Now enter the lost smartphone.
Replacing a lost smartphone includes everything that replacing a dumbphone involves such as contacting your service provider to discuss options for a new device, contract, or even a new service provider entirely. But smartphones have one really important element to them that you should know the implications of BEFORE you've lost yours: connectivity to your data. As of the time of me writing this, every smartphone I've seen to date: expects you to connect it to your data, and then caches the credentials you provided so that it can always access your data without you having to provide those credentials all the time. The upside to this is usability of course. Nobody wants to be typing passwords into any phone, like ever. But the downside is that the jackass that picked up your phone and walked off with it is now connected to your data. This means he gets to status jack you, dig through your email, and soon much more.
Smartphones and people are evolving together into so much more than something that allows us to call, text, and take pictures; they are becoming hubs into our data which we use to make decisions and take action. How many times have you pulled over pull up a route to somewhere, let someone know you're on your way, maybe put on some music or simply pull up an email that contains details of a something that needs thought through so you can figure things out along the way, such as the suite number you need to find of the interview you're headed to, or the campsite number where you are to rondevu with your friends and family. As people have come to trust smartphones to provide essential information, they also must trust that their data is accessible(even though battery life leaves a lot to be desired).
All the while, the cloud is omnipresent. Highly reliable and available are attractive specifications to smartphones wanting to deliver your data to you wherever and whenever you need it. And whether you are embracing the cloud, having it foisted upon you, or could care less, the cloud's ability to keep and dish out our data reliably and securely has thus create a celebrated, offensive or negligible (accordingly) marriage between it and your smartphone. And once you bless this union with your credentials, they don't need you anymore to stay connected.
In fact all they really need to be together is a data connection, some battery, and your credentials. This presents a few potentially potent problems when your smartphone fall into the hands of someone else AND it remembers your credentials. At least for now (until quantum computing), you don't have to worry about your phone spilling your password, thanks to one-way encryption. But while in the hands of its new owner, your data, sensitive as it may or may not be, is highly available to that person. Whether you get your phone back from its benevolent captor, status jacked for a good laugh, or have your identity stolen is simply a matter of how much the universe (dis)likes you. How concerned you are about this seems like it would be a function of how vulnerable you are when your data is in someone else's hands, and is as good a thing as any to risk-manage.
Fortunately, like replacing your wallet or purse, systems exist and are improving all the time for dealing with lost or stolen smartphones. The two I'd like to illuminate are GPS tracking functionality and what i'm going to just call "active session" management tools provided by the services that host your data. Instead of talking about them here myself, I will refer to posts which already exist to describe exactly these things.
Windows Phone GPS tracking
Android GPS tracking
Facebook active session management
Gmail active session management
No comments:
Post a Comment