Data Management with Mobile Devices
Living in the age of the Internet and mobile technologies gradually changes people's mentalities. The simplicity with which you can search for any information you need is sometimes shocking: rather often, it is enough to insert a name of a person, and a search engine will show all the information about a user (sometimes including rather personal data, such as private photographs). Moreover, the fact that mobile applications almost always request access to personal data, such as a contacts list or a credit card number, raises numerous questions regarding security: “Where does the information about me go?” and “Who else can see my details?” So, it is logical that many people get more and more concerned about the protection of their personal data, and their privacy in general—especially when using mobile devices.
Illustrating this statement is a study conducted by the Pew Research Center. According to this study, around 54% of mobile application users choose to not install an application (both on Android and iOS platforms) if they have concerns about the security of their data or privacy. 30% of users choose to uninstall an application that was already on their devices after discovering how much information the application accesses and possibly shares (Pew Research Center).
This research only shows how important it is for people to keep their data on mobile devices safe. Data security is protected by the law—at least in the United States. In particular, the Data Protection Act 1998 (DPA) requires organizations to maintain the confidentiality of data operations, and grants individuals the right to delegate their data to organizations regarding the protection of personal information. In other words, if a Google application accesses a person’s contacts list and credit card credentials, for example, the DPA obliges Google to keep this information safe from third parties, and guarantees a person the protection of their right to privacy. The Act operates with such terms as “personal data” and “sensitive personal data,” making a clear distinction between them. “Personal data” is a broader term, regarding any information about an individual, whereas “sensitive personal data” includes details about an individual’s political and/or religious outlook, ethnicity, membership in governmental or non-governmental organizations, sex life, state of health (both physical and mental), family, and so on (Jisc). The DPA cannot cover all aspects of information use, but still, the legislative protection of individual rights for privacy is a huge step forward—crucial for the digital era we live in.
As for the technical aspects of mobile data management and protection, there are numerous encryption technologies that can protect a user’s data if it is stolen. How? The main principle of encryption is to scramble data in such a way that an unauthorized user—for instance, a hacker intercepting transmitted information—would not be able to read it; at the same time, encrypted information is easily available to the legitimate owner. The process of encryption involves using special algorithms (or ciphers) which entangle data, break it into chunks, and makes it incomprehensible in a number of other ways; in order to make data intelligible again, a key is required: usually, it is a piece of code that interprets the encrypted data. There are two aspects of data encryption: encrypting data transferred from one device to another, and encrypting data on a device itself. As for the former, many companies are currently working on enhancing the security of transferred data—for example, Symantec, DataMotion, and Proofpoint. Modern data security technologies include transmitting already encrypted messages and/or data from one device to another with the following decryption: safe gateways for data transmissions created before sending/receiving messages; virtual private networks (VPNs) used to eliminate or minimize the possibility of external interference, and ensure secure data transmission from one device to another within a network. These technologies are undoubtedly effective, but still need to be developed in order to remain adequate to counter ever-evolving cyber threats.
On the other hand, encrypting data on devices is a bigger challenge for the IT sphere. One thing is when a hacker intercepts a message; another thing is when a person’s phone is stolen—in this case, a pin code or graphic password cannot serve as reliable protection. Different companies producing mobile devices work on this problem in their own ways. For example, Apple devices working on iOS 5 used the 256-bit Advanced Encryption Standard, which allowed automatic data encryption on devices. It was enough to enable the Passcode Lock feature to ensure email and application security. Unfortunately, this technology did not work on videos and images, but Apple keeps improving their security standards and measures, so newer iOS versions will support more advanced encryption methods. With Android-based devices, their users have the possibility to use several Android enterprise features, as well as applications such as WhisperCore, which allows full on-device encryption (TechTarget).
Managing and protecting data on mobile devices in the digital age is not an easy task. Different studies show that people are concerned about their privacy, preferring to not install or delete mobile applications which, as they suspect, can obstruct their confidentiality. There are certain steps taken in the direction of protecting personal data, both legislative and technological. The former refers to the Data Protection Act, regulating the relationships between organizations and users regarding the use of personal data. The latter, in its turn, comprises a number of ways that information can be protected both on devices and when transmitted from one device to another. Altogether, these methods provide a relatively strong protection of private data, but they need to be constantly modernized.
"Mobile Data Encryption Techniques: On-device and On-the-go." TechTarget. N.p., n.d. Web. 24 July 2017. http://searchmobilecomputing.techtarget.com/tip/Mobile-data-encryption-techniques-On-device-and-on-the-go
"Security, Mobile Devices and Data Protection." Jisc. N.p., n.d. Web. 25 July 2017. https://www.jisc.ac.uk/guides/security-mobile-devices-and-data-protection
Boyles, Jan Lauren, Aaron Smith, and Mary Madden. "Privacy and Data Management on Mobile Devices." Pew Research Center. N.p., 04 Sept. 2012. Web. 25 July 2017. http://www.pewinternet.org/2012/09/05/privacy-and-data-management-on-mobile-devices