Today's next generation mobile devices greatly enhance mobile workers' productivity, but they're also placing unprecedented demands on enterprise security infrastructure,and in turn, represent a threat to sensitive corporate data
Today's next generation mobile devices greatly enhance mobile workers' productivity, but they're also placing unprecedented demands on enterprise security infrastructure. And until the use of strong authentication becomes more widespread, enterprise mobile devices will continue to represent a threat to sensitive corporate data.
These were the main themes of a panel discussion Wednesday at CTIA Wireless I.T. & Entertainment 2005 entitled "Mobile Security: Meeting IT's Toughest Test." Industry figures explored key areas of weakness in enterprise wireless infrastructure, as well as the threats these pose to sensitive corporate data.
"As the number of mobile devices increases, so do the capacity requirements for the network, and that places greater strain on the security infrastructure," said Kara Hayes, product marketing manager of secure and mobile connectivity for Nokia Enterprise Solutions.
Hayes said that Nokia's new Business Center solution, the result of a partnership with RIM, Good Technology and Vista, addresses the enterprise email security issue by providing a direct encrypted connection with the corporate server for push email.
Next generation mobile handsets are capable of using different types of wireless networks, and they're being powered by a growing number of mobile operating systems. According to Scott Schelle, COO of Bluefire Security, Baltimore, this is stretching enterprise security infrastructure to its limits. "You're asking a system that was designed for one type of user, using one type of network at a time, to suddenly bridge into this multi-threat environment," said Schelle.
Todd Thiemann, director of Device Security Marketing for Trend Micro, agrees. "You might have someone who accesses an insecure Wi-Fi network and downloads a virus that is then spread to the mobile network or enterprise network," he said.
Although mobile viruses have thus far been mostly proof-of-concepts, Thiemann believes that certain types of devices could become attractive to hackers. "Smartphones are particularly susceptible to malware because they're not locked down," he said. The potential for a smartphone to become infected with a virus and start dialing 900 numbers creates a potential customer service nightmare for carriers, he added.
The current level of user authentication on mobile devices is another area of vulnerability for enterprise security. "Although mobile VPN encryption is capable, what is typically being used is simple password authentication, which is easily broken," said Stu Vaeth, Chief Security Officer of Toronto-based Diversinet Corp. Strong authentication could also prevent a malicious user from remotely accessing the corporate network and wreaking havoc, he added.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.