Mobile devices, such as mobile telephone handsets, personal digital assistance (PDAs), portable computers, etc., often store sensitive information locally on the devices. For example, if the device is a mobile telephone, data stored locally on the device may include telephone numbers, pictures, email addresses, text messages, website history, cookies, documents, etc. As long as the device is in the possession of the authorized user, the sensitive information may be protected from unauthorized access. However, if the device is lost or stolen, without protective measures, the sensitive information may be subject to unauthorized access.
In addition to storing sensitive information, mobile devices also contain functions for which it is desirable to prevent unauthorized use. For example, the calling and messaging capabilities of mobile telephones can generally be used by anyone who activates the phones. Allowing an unauthorized to user to use the mobile phone functionality may result in the authorized user's account incurring charges. In addition, when an unauthorized user uses a mobile device, the unauthorized user can masquerade as the authorized user. For example, if the mobile device is a personal computer, the unauthorized user may be able to send email or other communications from the authorized user's email account.
In light of the sensitive data stored by mobile devices and the important functions provided by mobile devices, security measures have been developed. One of the oldest security measures is to require a user to input a user ID and a password to access data and/or functions of a mobile device. While this measure is commonly used, people usually do not select strong passwords. One reason for poor password selection is that a password that is strong or difficult to guess is also hard to remember.
Another conventional method used to protect data stored on a mobile device is encryption. If sensitive data is encrypted, when a mobile device is lost, the unauthorized user may not be able to access the data without knowing the encryption key. One problem with encryption is that it requires specialized hardware and/or software. Another problem with encryption is that it relies on security of the user's key or password.
Still other mobile device security measures that have been implemented include tracking mechanisms and automatic disable or erase mechanisms. For example, computer services have been developed that track mobile devices. For example, one service includes software that runs in the background on laptop computers. The software disables the speaker on the computer's modem and automatically dials a number corresponding to a monitoring center. The monitoring center can be configured to erase all of the data from the computer's hard disk drive once contact is achieved after the monitoring center has been notified that the computer has been stolen.
One problem with data delete services, such as the one described in the above-referenced paragraph, is that these services do not allow users to define a hierarchy of security actions depending on the context of loss of the mobile device. For example, it may not be desirable to delete all of the data from the hard disk drive of a mobile device if the user has only temporarily misplaced the device. Using conventional data delete services, the data on such a device would be deleted. There is no ability to define a less severe action to be performed for temporary misplacement followed by a more severe action once it is learned or suspected that the device has been stolen.
Another problem with conventional data protection services such as the data delete service described above, is that such services require that the device be connected to a network in order to operate. When a mobile device goes out of range or is otherwise prevented from connecting to a network, the data protection service is unable to implement the security function.
Accordingly, in light of these difficulties associated with conventional mobile device security mechanisms, there exists a need for improved methods, systems, and computer program products for providing context-based, hierarchical security for a mobile device.