Best Buy Facebook "Joke" Points Out The Risks Of Handling Smartphone Repairs

Corporate data security policies have always been a challenge. In recent years, thumbdrives, corporate telecommuting and smartphones have made such controls problematic. But the assumption has always been that the data being protected was on the hard-disks or RAM of various systems.

A Best Buy incident this month, however, is a grim reminder that saved passwords or tokens can expose employees to sensitive data—and capabilities—far beyond the bits and bytes of that device. At a Best Buy in Denver, according to multiple news reports, a store associate was working on a customer's phone when he found that he had access to that customer's Facebook account. The associate used it to post an untrue message as a joke. The message said, "I am gay, I'm coming out."

With social sites such as Facebook, that password doesn't merely give access to that customer's information. It also provides access to the comments, photos and other items from other "friends" of that customer. Clearly, bank-account passwords pose an entirely different, serious danger.

Also, it's not merely an issue of chains that do customer repairs. What about your own employees? IT handles internal repairs of lots of devices, including smartphones. What if that Facebook joke was done with the login of your CEO? How would you like to try and explain that to your boss?

In the Best Buy incident, the employee was reportedly fired. But that doesn't undo the damage to the brand. Or protect against any future legal actions. (Anyone who thinks this customer hasn't already spoken with at least one litigator should seriously consider limiting his/her alcohol intake.)

What to do about this? A few possibilities.

First, IT should seriously consider whether repairing customer systems is a necessary service, given the huge risks involved. It's not merely the security and privacy risks. Repairs themselves have a high chance of not being successful, often for reasons that have nothing to do with your people's efforts.

Where possible, have the data removed before the device is turned over to you. Laptops or desktops where the customer retains the hard-disk would be ideal, but that is often not practical. Mobile device repairs are especially tricky. Besides, many repairs are shipped out to third parties. The devices go out, but the liability stays with you.

Assuming you need to handle repairs—and chains such as Best Buy and Apple would seem to have little choice—the next issue is limiting exposure. Block off Web access from that group, on the rationale that true Internet access is hardly ever needed for a repair. Local LAN access—with Internet access blocked—is almost always more than adequate.

Surveillance cameras—and strict requirements that all repair work must be done in front of those cameras—are another good idea. A chain could take surveillance to the extreme and install—in front of the customer—third-party spyware so every keystroke can be tracked during the repair. Spyware is likely a bad idea, both because customers would be worried that it wouldn't all be removed and because a technically strong associate could get around the spyware program.

But something needs to be done so that your customers—and your senior management—know that safeguards of some type are in place.