Mobile Device Processors: Are You Putting Your Sensitive Data at Risk?

Jun 24, 2020 Blog Article

The secondary mobile market has exploded in the past few years; however, with this growth has come questions about trust. How do you know which vendors you can count on to protect your company and customer data? And what are some of the potential warning signs that companies could be putting this data at risk? Read on to find out.

Vivian Cullipher Vivian is a career writer and editor, having covered technology-related topics for government and B2B organizations since before LinkedIn and the iPhone. As Blancco’s head of content, she oversees the development of thought-leadership-based copy for web, social media, and other Blancco communication channels.

When Processing Mobile Devices, What Software Vendors Can You Trust?

In an effort to provide clarity within the mobile processing industry, we have important information for you on some concerning tactics that are being used by a number of organizations to increase the competitiveness of their products. Unfortunately, these tactics could also be putting your business and your customers at serious risk by exposing sensitive data.

As a mobile device processor, it’s important to keep tabs on the integrity of your operations, particularly when it comes to data handling and erasure. Read on to learn three ways mobile software vendors are currently putting your customers’ data and your reputation at risk.

Also, for a deeper discussion of these topics, watch our on-demand mobile webinar for mobile device processors: “Trust in the Second-Hand Mobile Market—Is Your Data Secure?” presented with CTIA.

#1. Outsourcing Software Development to Untrusted Overseas Partners

There are certain countries that rank lower on the trustworthiness scale when it comes to privacy. We won’t explicitly list them, but it’s likely you probably have a pretty good idea already.

The question you must ask yourself is, “Where is the software that I’m using being developed?” Are your vendors doing development in-house, or are they outsourcing? And if they are outsourcing, to whom are they outsourcing, where are they located and how are these being vetted? Development in North America and Europe are usually the safest bets for global companies, though there are plenty of other areas in APAC that have a great reputation as well.

Large private and public organizations that value security are taking notice of these issues—including the U.S. government. In 2019, the U.S. prohibited government institutions from using cybersecurity products provided by or using software made by Russia-based Kaspersky Lab. Similar issues have popped up with China-based company Lenovo and Chinese telecom giant Huawei.

Companies that rely on development in less trustworthy countries often do so to save money; other times, they are eager to tap into some very innovative resources and talent, but at what cost? Even if you are okay with taking this risk, have you been transparent with your customers and partners to affirm their approval?

#2. Using Illegitimate Access to Databases to Collect Key Information

Some advanced mobile diagnostic, lock, and erasure features require certain access and permissions; often, software vendors are using illegitimate access to databases to get this information. This can be from third-party sources that operate in the shadows or perhaps from another company, such as an Apple Authorized Service Provider, that is sharing its Global Service Exchange (GSX) credentials with another, unauthorized company to turn a small profit.

These smaller companies often go undetected because they are not processing enough devices to raise an alarm. However, as their customer base grows, so does the concern that they will be discovered. At that point, their key features, such as FMiP status or Carrier Lock Detection will go away, no longer being available until a new source is found. If your vendor has these capabilities, it’s worth asking for proof they have authorization to extend access or insights from verified sources. Otherwise, those critical data points may disappear at any time.

Learn how to find the right mobile diagnostic software for your business. 6 Critical Features for Mobile Processors Looking for the Best Mobile Diagnostic Software

#3. Not Focusing Enough on Security

Number three may seem a bit obvious, but for many mobile software providers, security is not the number one priority—profits and expansion are. Whether its accreditation through ADISA, achieving key certifications like the security-focused ISO27001, the quality-focused ISO9001, focusing on the security features offered in a product (e.g., complying with globally-recognized mobile erasure standards, providing digitally-signed erasure certificates), or the development process itself (e.g., including secure code review), security needs to be paramount in every facet of the vendor’s offering. This includes having full control over chain-of-custody and customer and company data. Without these things, the entire business could be put in jeopardy.

We’ve all witnessed the negative impact of breaches in terms of revenue loss, damage to brand reputation, loss of customer trust, operational downtime, fines, legal action and even worse, an entire collapse of the business. For these reasons and more, security must be the cornerstone of any solution.

Where Blancco Fits within Mobile Device Processor Operations

Blancco’s Mobile Solutions (BMS) app coupled with our globally certified Blancco Mobile Diagnostics & Erasure (BMDE) software offers the most complete mobile software platform for retailers, insurers, refurbishers, 3PLs, mobile resellers and other mobile processing firms. Blancco solutions are developed by our dedicated in-house, European mobile development teams, with an emphasis on integrity and adherence to global quality standards. Furthermore, we offer best-in-industry, multi-tiered, 24/7 global support that can be tailored to fit customers’ specific needs.

And while security is our number one priority, many of our product features are also worth talking about. BMDE offers the industry’s most comprehensive triaging solution, along with Blancco Intelligent Business Routing and Mobile Workflows. These features allow mobile device processors to efficiently route devices based on a multitude of variables, as defined by specific business case. This leads to reduced mobile device processing times, lean operations, increased profits, and accelerated operator onboarding.

At Blancco, we place great emphasis on the integrity of our company and our products. Our customers and partners rest easy knowing we won’t source new features from untrusted parties; however, they also know we are amazing at what we do, and we are proud to have full control of our process.

Free Data Erasure Trial for Mobile Device Processors

Learn why organizations trust Blancco for their mobile processing environments. Request your free trial today.