Bugging the Board by cellphone

November's security awareness materials from NoticeBored cover portable computing and teleworking. Realistic business examples help explain key controls to staff, managers and technologists in terms they can understand.

A short executive briefing on information security released today warns that 'Something as innocuous as a mobile phone can be used to bug the Boardroom. This unusual example is just one of a number of realistic scenarios used to illustrate the security risks arising from todays miniaturized computer and communications gadgets.

The latest release of NoticeBored security awareness materials from IsecT Ltd. covers information security risks and controls for portable computing and teleworking. Although todays laptop computers, PDAs and mobile phones are very convenient to use, staff, executive managers and technologists all need to know about the associated security issues. This months bumper pack of fifteen separate awareness items helps customers educate employees and achieve a sensible balance between convenience and security.

A supplier negotiating a sensitive deal with a customer could easily leave his cellphone behind in the room whilst he pops out for a cigarette" says IsecTs CEO, Gary Hinson. Listening on another cellphone in his pocket, he stands a good chance of getting the inside track on his customers negotiating tactics and gaining an unfair advantage. Would those left in the room give even a moments thought to the phone left casually on the chair with its microphone open? Typical business situations like this help managers understand that information security is not something they can simply leave to the boffins in IT. It concerns us all."

Information security risks caused by wireless networks and USB memory devices are also covered by this months NoticeBored output, along with more mundane issues such as theft and damage to laptops. Even health and safety for IT homeworkers get a brief mention.

NoticeBoreds somewhat unconventional view of information security is designed to draw all employees into the awareness program and, over time, achieve widespread cultural change. The continuous drip-fed monthly topics and broad appeal of NoticeBored helps make information security second-nature," Gary told us, whereas traditional awareness posters and short courses are soon forgotten. We get under their skin with messages that stick."

Visit NoticeBored.com to sign-up for a free security awareness newsletter and find out more about this innovative service.