PSA: Secure Your Mobile Devices

Think about all the data you have on your phone. These days, that’s more than just a list of phone numbers. We have email accounts, social networking profiles, mobile banking, private notes and documents, and so much more. If our phones were lost and consequently found by someone with less than honest intentions, the list of potentially compromised information would be daunting.

But just how bad could losing your phone be? Symantec recently decided to find out. They intentionally “lost” 50 Android smartphones across various large cities in the US and Canada. Each device was loaded with what appeared to be private data and fitted with special software that allowed Symantec to track what happened. The results? Well, they’re not promising.

Over 95% of the time, those who found the lost device made an attempt to access data such as email or online banking information. 

Let that sink in for a minute. Based on the results of this study, it is safe to assume that if you lose your phone, someone will be poking through all your private and personal data. On a slightly happier note, some sort of attempt was made to return the phone about half the time. But even in those cases most people went snooping around first. Some even directly admitted to doing so, apologizing after the fact. Check out the full report here [PDF].

The moral of the story? Ensure your data is secure! Whether this is through a passcode or gesture based lock, remote wipe capabilities, encrypted data, private records (in the case of DejaOffice), or some combination of these. Your phone simply contains too much personal data to remain unsecured in some way.

How to Password-Protect Contacts, Calendars, & More with DejaOffice

DejaOffice makes it easy to protect your private data. With our Private Records feature, you can secure contacts, calendar events, tasks, memos, and even expenses. And it does so selectively, allowing you to secure your most sensitive data while keeping your standard data easily accessible.

Interested in learning how Private Records work? We thought you might be, so we made a video. Check it out below to get started:

The Plight of the Standalone Microsoft Outlook User

These days, “the cloud” is all the buzz. The cloud, in terms of contact and calendar sync (among others), means using a service like Google, Gmail, or Windows Live (Hotmail). Just host your data in the cloud and it will magically show up on your device. Simple, right?

Not so, say the people (as they rise in mutiny).

Google started the move to store personal information in the cloud. First with email, then with calendar, and then with contacts. If you buy a new Android phone, all your email, contacts, and calendar data that is hosted in the Google cloud will magically synchronize with your phone. Oh, and this magic works with iPhone, iPad and BlackBerry too.

Microsoft joined the cloud party with their Windows Phone 7 launch. They now require people to have a Windows Live account in order to sync PC data to the device. This means Microsoft Outlook users who have maintained years of contacts, calendar, tasks and notes data on their PC now have to trust that data to the cloud. The cloud will then synchronize with Windows Phone 7.

So what’s wrong with this?

Well, for starters, we’ve already seen this movie! Palm tried the same thing with their Palm webOS launch.  They required people to have a Google account, which integrated with Palm Synergy. If you wanted to keep your PC data in sync with your webOS device, you had to first sync to your Google account in the cloud. The story for Palm didn’t end so well. (HP may beg to differ.)

While the cloud is an amazing resource that should be used, not all Outlook users can digest trusting their PC data to the cloud. Many people have security requirements in place that simply don’t allow cloud storage of their data. Others are leery of hosting their sensitive information online. Their question is simple, “I’ve used Outlook for years. Why am I now being forced to add a web-based account, and trust everything to that?”

The cloud providers will argue that you trust a lot of things to the cloud, whether you realize it or not. They’re right. Your credit card details you use for that online orders, tax returns you prepare and submit online, or the numerous online banking and bill-pay services you use – they all store data in the cloud. And we don’t even blink.

But this is different. It’s not an argument on the security of cloud storage. It’s about having options. Put simply, not everyone wants to sync their Outlook data to the cloud – and they shouldn’t have to!

The good news is that there are alternatives. You’ll need to find a tool that allows you to keep your data on your PC and sync directly to your device. There are a few ways to go about this:

1. Check if your phone’s manufacturer offers a sync solution. BlackBerry and iPhone both offer such solutions to directly sync with Outlook.  BlackBerry offers BlackBerry Desktop Software, and Apple offers iTunes. Android, on the other hand, is more fragmented (HTC has HTC Sync, Samsung offers Kies, etc).

2. If the option from the phone’s manufacturer is non-existent or insufficient for your needs, look for third-party software. Shameless plug – CompanionLink has software that can sync your Outlook contacts, calendars, tasks, memos, and categories to your mobile device. It works with all Android, iPhone, iPad, and BlackBerry devices. There are a number of other options available as well, but few offer the complete sync solution that CompanionLink does. For Android, SyncDroid has a solid list of most all of the sync options available. For iPhone and iPad, you’ll most likely have to piece together a solution from a few different apps in the App Store. For BlackBerry and other devices, your options are few and far between, but a search on Google should turn up some options.

In the end, the cloud is certainly where the industry is heading. As time goes on, it will likely become as ubiquitous and secure (or even more secure) than traditional data storage options. Until that time, however, those who wish to sync their data locally still do have options!

Tech Tip: Use CompanionLink with Google’s New “2-Step Verification” Feature

Google recently rolled out a new security feature called “2-step verification.” As Google puts it, this is designed to add an extra layer of security to your account by “requiring you to have access to your phone – as well as your username and password – when you sign in. This means that if someone steals or guesses your password, the potential hijacker still can’t sign in to your account because they don’t have your phone.”

While this feature certainly makes your Google Account more secure, it can cause applications that need access to your account, such as CompanionLink, to stop working with your usual Google/Gmail password. Google planned for this, however, and built in a solution. You simply need to set up an “application-specific password.” This is a special password that only works with the specified application. If  you have taken advantage of Google’s more secure login system (or if you want to), you’ll need to be sure to create an application-specific password for CompanionLink to ensure uninterrupted syncing.

Google has posted a guide with instructions on how to create an application-specific password.