This week, AT&T announced plans to set up free, solar-powered charging stations around the five boroughs of New York City. The project, apparently inspired by services AT&T offered following Hurricane Sandy, is just the latest iteration of public charging stations, which have become increasingly common as we rely more and more on our mobile devices.
While public charging stations are generally viewed as oases to people with low battery levels, they can also present serious risks to tech and IT business owners (and their employees) who rely on mobile devices for work.
Here’s what you need to know (and what you should warn your team about) before plugging in to the first free dock that presents itself.
Data Security Risks at Public Charging Stations
Not to get all alarmist, but if you own an IT business and let your employees use their own devices for work-related tasks (aka, you have a BYOD policy in place), you should be aware of the risks that public charging stations can present.
Because many mobile devices rely on USB-based chargers, it’s possible for hackers and cyber criminals to...
- Read some or all of the data stored on your device.
- Upload malware.
Why? Because most smartphones and other mobile devices are designed to make the transfer of data easy and quick. Anyone with the motivation, skill, and opportunity could potentially turn a public charging station into a data-retrieval or virus-spreading machine. (Here’s an article about an experiment that exposed the dangers of public charging kiosks to members of the tech community).
How to Avoid Data Theft when Charging Your Mobile Devices
So how can you prevent your valuable client and work information from being compromised or breached by malicious geeks (no offense)? Implement these mobile device data security guidelines for you and anyone who works for you:
- Request that your employees avoid public charging stations for work devices. Admittedly, the risk for data corruption at public charging stations may not be the most significant risk your business faces, but at least educating your team about the matter of data theft and malware at these kiosks can go a long way toward preventing risky behavior. For example: on some devices, turning off “USB Transfer Mode” has no effect on the machine’s actual ability to transfer data via USB.
- Request that employees power off mobile devices before charging them in public. More realistically, you can request that employees turn off their gadgets before plugging them in. In many cases, powered-down gear cannot be as easily compromised.
- Require employees to bring extra batteries when they travel. Eliminate the need for public charging by having your team bring backup batteries with them. That way, they can charge only the power source of their gadgets, rather than exposing the entire gadget to potential risks.
The bottom line? The threat of data theft and corruption from public charging stations is relatively minor in the grand scheme of things. Recognizing the potential for data theft from public chargers, however, is important as part of developing a risk-conscious mindset for using mobile devices for sensitive work projects that involve transporting and processing client data or proprietary information. (Read more about cyber risk in "Cyber Risk Reminder: Your Data Is NOT Property.")
Providing ongoing education to your team is an essential part of an overall risk management plan, which you need to have in order to minimize your company’s cyber liability exposure. (More information about managing Cyber Liability risk.)