"Cough! Cough!" Yes, That Was Your Smartphone Wheezing At You
Believe it or not, the first mobile viruses began appearing back in mid-June 2004. The Cabir worm and Mosquito Trojan both targeted smartphones that run the Symbian Series 60 operating system, which is the most widely used smartphone platform across the world. Others targeting Windows Mobile appeared later. Should the enterprise be concerned? Hell, yeah!
Believe it or not, the first mobile viruses began appearing back in mid-June 2004. The Cabir worm and Mosquito Trojan both targeted smartphones that run the Symbian Series 60 operating system, which is the most widely used smartphone platform across the world. Others targeting Windows Mobile appeared later. Should the enterprise be concerned? Hell, yeah!With wireless devices becoming more sophisticated all the time (I found an app that let's my BlackBerry manage my multiple personality disorder), malicious jerks have decided to have even more fun at our expense (apparently destroying our hard drives, sending billions of spam messages from our IP addresses or accessing our bank accounts just isn't enough for them).
While your average run-of-the-mill Java or BREW phone (read: crappy feature phone) is probably safe for the time being, phones that run Symbian, Windows Mobile, Palm OS and RIM OS are much more at risk and it's surprising to see how quickly and in how many ways naughty code writers have found to use abuse them. With more and more sensitive corporate data stored on these devices, mobile viruses are a rising threat that can't be ignored by the enterprise.
Unfortunately for IT departments, this means being the bad guy for a while, as there are some simple ways to protect enterprise data from this threat.
1. Don't let employees back-door the devices in. If they buy a smartphone over the weekend and want you to activate enterprise email, access, whatever, come Monday morning, tell them tough luck. I don't care if it's the CEO. Don't forget that employees are sneaky, and don't like hearing no for an answer. You may have to buy software that sniffs out unauthorized devices (the CEO's Treo, that S.O.B.!) that are accessing the network and pro-actively find them and terminate their access. (Don't worry, the CEO should thank you for protecting his network.)
2. Create strict policies for mobile equipment. Decide what can be accessed and what can't. Force employees to use security features, passwords, on-device encryption and so on. Make them pick hard passwords. Forbid employees from downloading anything not directly related to work, like games or wallpapers of Miss January.
3. Install antivirus software on the devices. Believe it or not, there is already an industry swelling here. Talk to your wireless carrier about the best options.
4. Control the phones' Bluetooth. Even though it's fun to say "Bluejacking" and "Bluesnarfing", Bluetooth has become an easy entry point for mobile viruses. Cabir took advantage of Bluetooth to sneak inside handsets and place calls to expensive 1-900 numbers, running up the bills.
5. Educate employees. Most people haven't heard of mobile viruses, and may not really believe in them. With threats to security increasing all the time, you should hold regular meetings or provide regular updates to inform employees about the risks they and their devices face every day.
If employees come to hate the IT managers for being strict policy enforcers, too bad. They aren't at work to be liked, they are there to keep the network and its data protected.
InformationWeek Elite 100Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.
The UC Infrastructure TrapWorries about subpar networks tanking unified communications programs could be valid: Thirty-one percent of respondents have rolled capabilities out to less than 10% of users vs. 21% delivering UC to 76% or more. Is low uptake a result of strained infrastructures delivering poor performance?
Top IT Trends to Watch in Financial ServicesIT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Join us for a roundup of the top stories on InformationWeek.com for the week of October 9, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."