Best policies crucial to prevent cybercrimes
The Star (8 April 2012)

MALAYSIA recorded RM2.75bil losses due to cybercrimes over five years (from 2005 to 2010), with the financial sector the worst hit, CyberSecurity Malaysia reported recently.

With the increased uptake in mobile applications of local enterprises, it is crucial that Malaysian companies implement guidelines and a strict policy on their employees with mobile devices to safeguard the confidentiality, integrity and availability of data contained in the devices.

"Mobile devices today carry confidential information such as company e-mail messages, product pictures and customers' contact details. Similar to personal computers, mobile devices are vulnerable to spam, viruses, spyware, theft, loss, and even phishing attacks. The confidentiality and availability of company data will be compromised if a mobile device is misplaced, lost, stolen or hacked into," Cybersecurity CEO Lt. Col (R) Prof Datuk Husin Jazri (pic) reiterates.

Husin stresses user education on best practices of using mobile devices securely for users.

"For example, users should learn (or be trained) about how to encrypt data on their mobile devices and portable storage devices such as thumbdrives for protection in case the devices are misplaced or stolen."

A few policies that Malaysian organisations can implement include pre-installing anti-virus, anti-spyware and firewall on the mobile devices before issuing them to the employees; and encrypting all confidential data and e-mail stored or received on mobile devices to prevent data theft.

Ultimately, the organisations need to control the usage of private applications as well the use of Bluetooth and Wi-fi by employees who are using mobile devices provided by the company to protect them from viruses, spyware and phishing attacks.

"Employers should not be allowed to download and install apps on their devices without approval from the company's Head of ICT Security," he says.