Smartphones, PDAs left in cabs at alarming rates

Mobile devices are frequently being left behind in taxis despite warnings to protect them and the data they hold.

Smartphones, PDAs and cell phones are being left in taxis at an increasing rate, according to a recent survey by mobile device security vendor Pointsec.

The survey, which is in its fifth year, found that during the past six months, roughly 12,000 devices were left in cabs in the San Francisco-Oakland Bay area and the Washington D.C.-Baltimore area.

Marty Leamy, president of Pointsec, said the purpose of the survey is to show enterprises just how easily devices can be lost and data compromised.

"Looking at these results now, we are reminded that lost mobile devices are just a fact of life, even though we now understand the potential consequences for our confidential data," Leamy said. "The question for corporations is not what happens if we lose a piece of equipment, but what happens when we suffer a loss."

The survey of 85 taxi companies found that over the past six months, smartphones, PDAs, cell phones, Pocket PCs and laptops were frequently left in cabs.

Mobile phones are the most frequently lost, according to the survey, with 6,102 left in taxis in the Washington-Baltimore area and 2,754 lost in San Francisco-Oakland. The results offer a silver lining, however, in that 80% of the phones were returned to their owners in Washington, and 65% were reclaimed in San Francisco.

PDAs are also commonly left behind. The survey found that in the Washington D.C. area, 2,260 were left in cabs; the number in San Francisco was 306. The study also found that PDAs are more likely than phones to be reclaimed by owners, with 78% of San Francisco passengers picking up their missing PDAs and 93% in Washington.

When it came to laptops, users in California held onto theirs better than folks in metro Washington D.C. In Washington, 339 laptops were left in cabs, while only eight were forgotten in California. The good news is that of all the laptops left in cabs in Washington and San Francisco, all of them were returned to their owners.

But the devices' high return rate is no reason for a pat on the back, Leamy said.

For more information
Read more about securing smartphones

Check out a story on mobile compliance
"Even though some of these devices get returned, it is out of your hands for two to three days," he said. "In that time, you have a risk that your confidential data has been breached. Whether it's employee or personal data, it still isn't protected."

According to Bob Egner, vice president of product management and global marketing for Pointsec, many of the cab companies surveyed said devices are reunited with their owners only after the driver has turned on the device and looked through it for personal information on the owner.

"They turn it on and look around until they find the owner's name," Egner said, noting that once that phone is on, it could act as a data breach.

Although it's uncertain how many of the forgotten devices have some form of protection, many companies in the U.S. are not securing devices, Leamy said. Some may be password protected, but they don't have encryption turned on.

He added, however, that there is a turning point in the enterprise now that negative press concerning data breaches is influencing companies to protect devices before they get lost, before data can be compromised.

"There is a shift because of the fear of being in one of those infamous headlines," Leamy said. "Companies want to avoid that."

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.