Everyone Would Abuse a backdoor in a Mobile device

iPhone Monitoring

Everyone would abuse a backdoor in a mobile device

The Government wants backdoor access to our devices so that it can protect us from terrorists and defend matters of national security. Even if its intentions are good, there are people out there that would abuse such a feature, security professionals attending the RSA conference agree.

Archive All Electronically Stored Information

It is the organization’s responsibility to archive all electronic communication.

Does your firm comply with the proper guidelines and following regulations(FRCP, FINRA, HIPPA, SEC, Dodd-Frank Act, Public Record Laws and several others depending on industry)?

Electronic communication includes email, social media, text messages, instant messages, and mobile voice calls.

According to the “Federal Rules of Civil Procedure” (FRCP), organizations have a “Duty to Preserve” all Electronically Stored Information (ESI). “The amendments to the Federal Rules of Civil Procedure (FRCP) describe the duty to preserve potential evidence when litigation can be reasonably anticipated.” If you are involved in potential litigation, you will need to be able to quickly and easily access, search, place litigation holds and publish ESI, otherwise, your organization could face fines, sanctions and other similar penalties.

SEC Rule 17a-3: Requires the production of such records.

FINRA Regulatory Notice 07-59: Provides guidance for the review and supervision of electronic communications. For purposes of the FINRA guidance, “electronic communications,” “email” and “electronic correspondence” “may be used interchangeably and can include such forms of electronic communications as instant messaging and text messaging.”

MobileGuard helps protect your organization because all electronic communications, such as email, social media and mobile communications are safely archived and easily retrievable. All content is searched and delivered in seconds showing the complete conversation thread. As a result, all electronic communication is readily discoverable and exportable for eDiscovery.

Social Media Compliance For Financial Services

In January 2010 FINRA introduced Regulatory Notice 10-06 with the goal to ensure that investors are protected from false or misleading claims and representations, and firms are able to effectively and appropriately supervise participation in these sites. At the same time, FINRA is seeking to interpret its rules in a flexible manner to allow firms to communicate with clients and investors using this new technology.

Given the numerous ways in which information and personal thoughts can now be transmitted across web-based media; particularly via social networking sites such as Facebook, LinkedIn, and Twitter. FINRA Notice 10-06 holds that the use of Internet-based social media communications must be viewed and monitored in the very same way as are written communications and in-person conversations. Therefore, these regulations and suitability requirements also apply to any forms of advertisement, sales literature and correspondence when used in social media situations.

The obligations of a firm to keep records of communications made through social media depend on whether the content of the communication constitutes a business communication. The key to this statement is ensuring that every firm determines what is and isn’t a business communication, as well as implementing measures that require any business communication made by an associated firm member be retained, retrievable and supervised.

MobileGuard Announces Apple iOS SMS Recording and Monitoring for Regulatory Compliance at the Annual FINRA Conference in Washington D.C.

New York, NY – May 20th, 2014 – MobileGuard, the pioneer and leader in mobile communication monitoring and archiving solutions, announced at the FINRA conference in Washington, D.C., that Apple iPhone SMS messages can now be recorded, captured and monitored through its innovative new solution, NetGuard. The annual conference is FINRA’s premiere event where compliance officers, regulators, legal professionals and others discuss the emerging regulatory issues in the securities field. MobileGuard’s compliance specialists attended the event held at the Renaissance Hotel last month, and demonstrated to attendees their newly released solution, NetGuard. NetGuard has been added to the already vast mobile compliance offering suite. The new solution works on any and all devices with no application. Apple’s iPhone has been the biggest challenge for companies needing to monitor SMS messages due to the device’s closed operating system. NetGuard solves this problem and is currently the only solution on the market today to capture iPhone SMS messages successfully.

NetGuard is a comprehensive compliance solution for enterprises that provides unified, device independent, real-time monitoring, alerts, capture, archival and analysis across mobile, social and corporate communications for any mobile device.

Todd M. Cohan, CEO of MobileGuard, said “We are confident that NetGuard and the new advancements we have made will help companies comply with the electronic communication mandates for mobile information in regulated industries. It has been in development with the carriers for almost five years and we are very excited that they have agreed to partner with MobileGuard to provide this to their financial service, government and enterprise customers.”

Unlike many other applications that are installed on the device and require the use of a virtual number, NetGuard captures the native SMS/MMS messages as well as the native voice conversations, (Voice Release: Fall 2014). All information is recorded and monitored with alerting and policy functionality to allow robust supervision as required by various compliance regulations.

About MobileGuard
MobileGuard is the most experienced provider of mobile communication monitoring and
archiving solutions for Android, iPhone, Windows and Blackberry devices. The solution
suite ensures compliance with all relevant regulatory bodies such as FINRA, SEC 17-4,
HIPAA, Dodd-Frank, FCA and Federal Rules of Civil Procedure. MobileGuard
compliance solutions provide monitoring, capturing, logging, archiving, supervision and
alerting of all communications on company mobile devices. MobileGuard’s solutions are
provided as either a hosted platform or in the customer’s environment.

To learn more,
please visit https://www.MobileGuard.com.
Media Contact: press@MobileGuard.com
Phone: 646.459.4354
Website: www.MobileGuard.com

Enterprise Mobility Management (EMM) Rises To The Occasion

More than 70% of organizations have plans to spend on projects for mobilizing enterprise apps, in the near future. In other words, more than 70% of organizations are either already running or planning a mobility technology compliance project. However, more than 30% of these organizations are facing challenges like lack of clarity on policies for multiple users and roles in the organization, leading to a choice between app wrapping or deploying an MDM solution, among others. More than 32% of organizations in emerging markets are struggling with developing apps that run across multiple operating systems and form factors. From being BlackBerry centric, users across most organizations are increasingly migrating to Apple’s iPhone and Google’s Android, making the scenario a complex and expensive one for IT teams.

The mobile device management market has evolved into the enterprise mobility management suites market. EMM is growing quickly, and the vendor landscape has changed significantly, which will impact IT leaders’ choices. MDM, mobile application management (MAM) and mobile content management (MCM) are tools integrated into EMM solutions. EMM suites consist of policy and configuration management tools and a management overlay for applications and content intended for mobile devices based on smartphone OSs. They are an evolution from previous-generation MDM products that lacked application and content management. IT organizations and service providers use EMM suites to deliver IT support to mobile end users and to maintain security policies.

Government Officials’ Text Messages Are Now Public Records in Mississippi

The Mississippi Ethics Commission hands down a landmark opinion on public officials’ texting about government business. The unanimous decision states text messages are considered public records, even if they are sent from a government official’s personal mobile phone.

An investigative reporter fought for access to what he believed was public record. He took his fight to the state and won. Mississippi open government and transparency advocates view this unanimous commission opinion as precedent-setting for all government bodies and public officials in the state.

“The law is catching up with technology,” said Ethics Commission Executive Director Tom Hood.
Records, regardless of form, generated in the conduct of public business in Mississippi are to be considered public record.

State law requires permanent retention of all public matter correspondence. “This will be precedent for all public officials in Mississippi,” said Leonard Van Slyke, a media law attorney who advises the Mississippi Center for Freedom of Information.

The law exempts some information such as personnel records and individual tax records.
The law takes effect July 1st 2014.

Trends in Electronic Communication Compliance

Which records do we need to keep, and how long do we have to keep them?

In the past several years, large and small businesses alike have wanted to know which records they need to archive based on regulations and certain policies. Since the 2006 amendments to the Federal Rules of Civil Procedure, the legal literature has extensively covered electronic record retention requirements, with particular scrutiny on retention and retrieval of email. Yet, legal literature often overlooks other forms of electronic records impacted by the 2006 amendments and federal and state regulatory schemes. Voicemails, instant messages, text messages and other forms of alternative communications are electronic records subject to preservation and production by regulatory requirements and for discovery in certain circumstances.

The increasing number of federal and state regulations requiring businesses and local governments to retain text messages, voicemails, instant messages and other forms of alternative electronic communications will lead to more litigation. Businesses throughout the United States need to know the new regulations addressing discovery and retention of electronic communication records. As well as keeping up with the recent changes in regulatory enforcement and the evolving archiving standards.

Perhaps the most extensive and significant electronic record retention requirements are contained in the Dodd-Frank legislation and regulations.Financial institutions must ensure that they have the capability to archive and maintain all types of electronic communications. Therefore, the installation of text message archiving, voicemail archiving, instant messaging archiving, voicecall archiving and email archiving may be necessary.

As consumer technology becomes increasingly present in the corporate environment, a proper information governance strategy is paramount to ensure valuable business information is retained while stale data is purged to reduce legal and regulatory risk exposure

The Need for Chief Mobility Officers

Compliance regulations are in the process of finally grasping control over new technologies affecting their corresponding industries. People may accomplish a task like check a status, find an expert, receive an alert, make a purchase, answer a question, share an opinion, or send a message with their mobile phones. This shift will lead to 350 million employees using smartphones and business spending billions of dollars on mobile projects. Employees prefer to text and call each other on their mobile devices instead of their desk phones.
This chief mobility officer position should oversee not only the bank’s consumer-facing apps, but also its B2B and employee apps that mobilize back-office processes. Deploying multiple mobile apps without a central coordinating function can be very costly in terms of time, money and security risks. There are many different tools that can be used to help ensure secure enterprise mobility at the device, app and data levels. For example, while basic Mobile Device Management solutions include policy management for devices, corporate data and content or applications, only some high-end solutions also include security mechanisms like data encryption, user authentication, malware protection or security regulation compliancy.
Security fears are one of the main reasons banks and other enterprises have slowly waded into the mobility waters rather than diving in head first. The right application and integration platforms can also help ensure compliance with regulations.

Managing the Risk of BYOD ( Bring Your Own Device )

BYOD refers to the policy of allowing employees to use their personal mobile devices to access their employer’s information systems and applications for business purposes. In recent years, there has been a fundamental shift in the way people understand and interact with electronic information. Employees expect to be able to work with the device of their choice and dislike the inconvenience of maintaining separate mobile devices for business and personal use.

As with any technology, there are risks associated with implementing a BYOD program. There are legal risks, such as the ability to access information responsive to a document requests for preservation or production; there are regulatory risks associated with information on those devices that may be subject to regulatory retention and supervision requirements; there are information security risks associated with lost or stolen devices, as well as many different devices having access to the organization’s networks; and there are data privacy risks associated with the mix of personal information with business information on one device. Consider the use of text messaging in a BYOD program. With an organization-owned device, the organization has the option of centralizing control of its employees’ text messaging by disabling text or instant messaging capabilities on the device or capturing such messages for business purposes on the organization’s centralized infrastructure. With a BYOD program, however, an organization loses its ability to easily block or capture business-related text messages, and is forced to rely more heavily on employee participation and compliance with policies to manage risk.

Configure policies to prevent data collection from personal email, content or applications on an employee-owned device. GPS location, personal user information and telecom data can also remain private, and employee-owned devices can be protected from a full device wipe or remote control. With custom Terms of Use (TOU) agreements based on user role, organization group and device platform, users can be informed about data that will be captured and what they are allowed to do with the device.

Creative design from the South

Get in touch with us!