Categories
Backup and Storage

Samsung Android security flaw could be a problem for BYOD employers

Manufacturer has moved to patch the Galaxy S III device but others could be vulnerable.

A serious security flaw in some Samsung Android phones could potentially wipe all of the data stored on such a mobile device and compromise the security of central servers the phone may have access to, it was reported today.

The flaw was exposed this week by Ravishankar Borgaonkar, a research assistant at the Telecommunications Security department at the Technical University of Berlin, who demonstrated a remote data wiping attack at a recent Ekoparty security conference in Buenos Aires.

It’s thought the attack – which can be launched by loading a "tel:" uniform resource identifier (URI) from certain Samsung Android phones – loads a special factory reset code within an iframe displayed in the browser, which wipes data remotely and could also be used to permanently disable SIM cards.

A number of Samsung devices – including the Samsung Galaxy S III, Galaxy S II, Galaxy Beam, S Advance and Galaxy Ace – have been identified as being vulnerable to the reset flaw.

Samsung has moved to fix the flaw for their Galaxy S III devices, but other models are still susceptible to malicious website attacks. "We would like to assure customers that the recent security issue affecting the Galaxy S III has already been addressed in a software update," the company said in a statement.

"To ensure customers are fully protected, Samsung advises checking for software updates through the ‘Settings: About device: Software update’ menu. We are in the process of evaluating other Galaxy models."

But for employers who practice a Bring Your Own Device (BYOD) policy at work, the vulnerability will come as a wake up call.

Many devices that have access to remote document storage could be compromised by malicious hackers, and workers may not make the necessary software updates regularly enough to patch such vulnerabilities.

That’s why offsite backup is a good idea. If your system is compromised through a mobile hack, regularly kept back ups can be used to restore sensitive data following an attack.

Related posts:

  1. Survey reveals companies still overlooking security with BYOD Employees and businesses may not be taking security seriously enough...
  2. IT security chiefs urged to ensure BYOD advantages outweigh risk Enabling employees to use their own electronic devices can have...
  3. Traditional IT security ‘won’t match BYOD needs’ Trying to stretch traditional IT security to fit BYOD may...
  4. Cloud computing ‘can aid BYOD security’ How the cloud improves security when employees use their own...

Categories

Recent Posts

Popular Tags

compliance data protection digitisation disaster recovery document scanning document storage electronic document management legal paperless office process automation

How can we help you?

Contact us at the Dajon Office or submit a business inquiry online.

Contact Us

Dajon Data Management has provided an exceptional customer experience. We were very impressed how quickly and efficiently they digitalised our personnel records at a very crucial time for our organisation

Amandeep Manget, Senior Human Resources Manager (Recruitment and Transactions), Breast Cancer Care