Upgrades And Updates: Why Smart Organizations Stay On Top Of Both

A software upgrade to Apple iPhones introduces a new feature that some police and cybersecurity experts say can result in users' contact information being shared with strangers.

The update for iPhones introduces a new feature called "NameDrop." This function allows users to share their contact information more easily. When two users hold their phones close together, they will receive a pop-up window notifying each that another would like to have their contact card, which can include email, phone number, birthdate, home address, and other information.

The user does have to accept the request before any information is shared, but experts warn that children in particular may not pay attention, and simply choose "accept" when a stranger is standing close and requesting their contact information.

The NameDrop feature is on by default, but users can turn it off in the Airdrop heading in General Settings, under the "Bringing Devices Together" tab. "Apple's iPhone iOS17 NameDrop feature 'major red flag' for cybersecurity, expert says" www.cbsnews.com (Nov. 27, 2023).

 

Commentary

 

It is a good idea for organizations to evaluate new features from hardware providers to determine if they present an organizational security risk. For example, here is a link to the Apple support page for its latest update, showing all the features.

Organization should also address the importance of keeping mobile device firmware and software updated because updates often contain important security features that address emerging threats.

Despite your best efforts, your personal or organizational devices may become compromised. Here are signs that could indicate personal identifiers may have been stolen:

·  Unauthorized charges appear on credit or bank accounts.

·  Being denied a line of credit for a poor credit rating, despite a history of good credit

·  Failing to receive credit card or bank statements in the mail as expected

·  Being contacted by creditors about money owed for items you or your employer did not purchase

·  Failing to receive new or renewed credit cards in the mail

·  Merchants refuse to honor checks.

·  Medical providers bill you for services you did not receive.

·  A health plan rejects a claim because you have reached your spending limit.

·  The IRS notifies you that more than one tax return or refund request was filed in your or your employer's name.

·      An organization you do business with, or have an account with, notifies you that a data breach compromised your, or your employer's, information.

 

Finally, your opinion is important to us. Please complete the opinion survey:

News

Data Compliance Audit: A Double-Edge Sword When Defending Data Security Claims

A new report claims a surge in ransomware attacks. Compliance audits are necessary to limit risk, but there is a dark side to audits if organizations are not ready to comply. Read More

"Juice Jacking" Alert: FBI Warns Of Bad Public Charging Ports

In an unusual move, the FBI warns the general public to stay clear of public USB charging ports. We explain why "juice jacking" is a threat. Read More

Biometric Authentication: Still Not Ready For Prime Time

A bank's choice to rely solely on biometric authentication was quickly shown to be a risk. We explain. Read More