Making mobile data foolproof: lessons learnt from Brother Orange

Wednesday July 08, 2015 , 4 min Read

The Orange Brother story emerged as one of the most amazing Internet stories of 2015. A guy from New York goes on the trail of his lost phone all the way to China, with millions of Chinese netizens helping him search for the person who has his phone. Matt Stopera (known as Brother Orange in China) lost his iPhone in a New York bar in January, 2014. The phone found its way to Shenzhen in China, the world’s largest second-hand cell phone market, only to be resold to a buyer in China a year later. When the new buyer got the phone old pictures of Matt still existed in its memory. In addition, the phone having being synced to iCloud, the new buyer’s pictures started appearing in Matt’s image gallery on his new phone.

Image credit "ShutterStock"

The incredible story (read full story here)of Matt, who became the most followed person on Weibo (Chinese version of Twitter), is all about the extraordinary power of the Internet. More significantly, it shows the fragility of our mobile data security systems and how vulnerable it is in case of a device loss.

The Threat Looms…

From social media sign-ins to online banking passwords and from photo albums to videos, our smartphones, laptops and tablets are a treasure trove of personal information. Hence these mobile devices are the most sought after by thieves as well as cyber criminals. From malicious malware to hackers, our mobile devices are vulnerable to attacks from all fronts. While device encryption is considered to be one of the premier forms of mobile data protection, the complexity of default encryption is one of the major obstacles and reasons for users still not opting for it in a big way. While iOS users can rest easy as their data is already encrypted, the ambiguity of Android in enforcing default hardware encryption has left its users in a precarious position.

In addition, unlike the iStore which is extensively controlled and governed by Apple, Google Playstore is open to all kinds of apps with no entry barrier or checks before going live. This is the easiest route for malware to sneak into consumer phones under the guise of free apps offering wallpapers, games, music or videos. Thus, Android users are almost completely devoid of a proper app cover or app security that can keep a tab of such malware entering their mobile devices.

Securing your Android Device with Custom ROMs

One of the biggest drawbacks of stock Android OS is the lack of a mandatory or a default hardware encryption module that Apple has so successfully implemented. While Android’s latest Lollipop 5.0 release promised default hardware encryption as one of its premier offerings, the actual product is more of a half-hearted effort. ODMs and OEMs have side-stepped default encryption, making subsequent data encryption cumbersome and complex. With Android phones still capturing a record 81.5 per cent of the Smartphone market share (2014 figures), the Brother Orange scenario is likely to be amplified a hundred times over.

What stock Android has failed to do, custom ROMs like Cyanogen Mod, Oxygen OS and KratOS have managed to do successfully. With enhanced security and manageability features, these custom operating systems have given the desired security edge to grappling Android users.

Enforced Encryption

Unlike stock Android, custom ROMs like KratOS have a password-tied encryption policy enforced for all Android devices. This enhanced security measure for Android devices becomes even more critical in the BYOD and COPE modules. With employees increasingly using personal devices at work, there is a lot of critical enterprise data that also gets stored on these devices. Custom ROMs like KratOS allow clear designation of personal and enterprise workspace with a security cover that can be extended to the entire device or to a specific workspace/secure zone activated on the device.

Remote Access

The case of Brother Orange unilaterally emphasizes the need for remotely accessing your device in case of theft. Custom ROMs provide the ability to remotely lock, wipe, and manage devices, ensuring that the consumer is always in control of key personal or enterprise data, in case of a theft.

App Security

To avoid any malware penetration through the Google app store, custom ROMs provide enhanced app management policy to run in a secure zone. It sets up a virtual filter that allows only genuine and secure apps to run, blacklisting any suspicious or fraudulent apps.

As the world becomes increasingly mobile, data security will assume even greater significance. With people using their smartphones to manage everyday tasks – personal or professional, consumers will feel the need for an enhanced security platform that will power their devices. For Android users, the answer may well lie in the custom ROMs that give a foolproof security cover that will ensure that the data is safe in any situation.