Mobility puts more pressure on security

As the mobile market continues to heat up, even surpassing that of the desktop, it is important for corporations to maintain a high level of security around these devices.

Companies will have to battle the many standards that surround mobile security, not to mention the decreasing costs, according to Steve Rampado, a security services analyst at professional services firm Deloitte and Touche.

As the costs continue to decline, there is not much stopping employees from heading to Future Shop, or other retailers, and buying a laptop – thereby foregoing IT completely, Rampado said from his Kitchener, Ont. office.

“This will bypass all efforts to secure devices to a gateway – if people are just bringing them in from outside and plugging them into a boardroom,” Rampado said. “(Mobile devices) are coming out of the box and they are not security-enabled.”

Many laptops, he said, geared to the home user are making their way into corporations.

Deloitte’s message is for people to “please take precautions,” Rampado said.

Jason Conyard, director of wireless product management at Symantec Corp. in Cupertino, Calif., said the first part of building a secure wireless infrastructure is to make sure you have a secure wired infrastructure.

“Building or adding on wireless capabilities to an infrastructure that is not secure, is not healthy,” Conyard said. He added that the mobile devices seem to be outpacing the networks they should be running on, in terms of technical ability.

Toni Rosati, vice-president of marketing for Mississauga, Ont.-based Certicom, a wireless security solutions company, said enterprises really seem to want to find a way to use the applications they used for desktops. He noted this is a good thing because many of the different uses people have for laptops are those they had for desktops – e-mail, calendaring and Web browsing.

Rosati said virtual private networks (VPN) allow enterprises to extend networks over the Internet through secure tunnels.

Doug Cooper, country manager for Intel of Canada, said IT departments should incorporate profiles and access codes for people wanting to sign onto a network via a mobile device. It is also important to have an inside firewall.

“The good news for IT is that this is a pretty straightforward roadmap,” Cooper said.

Conyard suggested using authentication software or even taking advantage of biometrics technology embedded into devices, such as fingerprint readers.

The practice of war driving – whereby crackers literally drive around in search of vulnerable wireless networks via a mobile device – is another consideration, according to Conyard and Rampado.

Conyard advised companies to encrypt not only on-device data but the air connection as well. He said 802.11b, an air connection, is not secure.

Rampado called war driving one of the biggest concerns.

“It is out there. You can go on the Net and there are access point mapping sites. It’s turning into a hobby for hackers,” he said.

Along with encryption, VPNs and authentication to the networks, fighting an insecure wireless infrastructure takes frequent monitoring and frequent auditing.

Rampado said there has also been talk of wireless intrusion detection systems, but he hasn’t come across any yet.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now