Knowledge gap plagues mobile security
The current wave in technology is all about mobile devices – no doubt about it. New devices with innovative applications and services are the draw for the billions of wireless users worldwide. Some users find these devices addictive. Security issues surrounding wireless devices are commonly talked about and discussed, and some improvements have been made while many others are on the way.
Like traditional computing, the lack of knowledge among mobile users about the security issues is well known. Some efforts to rectify that knowledge gap that is all too common in security problems currently. However, it is not always the end user that is the root cause of the knowledge problems that result in security issues.
This became all too evident in a recent interaction I had with a device and service provider. While upgrading to a newer device I interacted in person with one of the sales staff. During that interaction I decided to probe into his general knowledge about security issues surrounding the devices and services that were being pitched to me. If I were to give his awareness a grade it would be a big fat F.
He knew nothing about any of the devices related vulnerabilities that have been widely publicized for months, not even the basics. I am not talking about advanced threats, I am talking about fundamental issues. The product knowledge of this provider was so lacking that they even sold me an accessory that would not work with the device he sold me. So his knowledge gap went far beyond security. It encompassed basic product knowledge of interoperability with other products they sold.
Once I discovered the interoperability mismatch, I called the store. After 30 minutes of trying, I was finally connected to another sales representative. I just wanted to return the incompatible accessory and get one that works. I found it hard to believe, but she was even less knowledgeable.
Maybe it’s time that the basic sales training on a company’s products include the security fundamentals for that product or service. With all that is at stake at least these organizations should make sure they are not making the security situation worse with incorrect information. Or at least read Symantec’s eight-page Consumer Guide to Wireless Device Security.
Posted by Kevin Coleman on Jul 19, 2012 at 12:15 AM