Avoid mobile security headaches

Wednesday, 1 October 2003, 3:08 PM EST

Being online anytime, anywhere sounds great ... in principle. But access devices such as airport or tradeshow internet kiosks, hotel computers, wireless PDAs or a friend's home PC are beyond the control of IT managers and, for many, this may sound like a risk too far.

There is every reason to be cautious about enterprise access from unmanaged devices. Threats such as Trojan horses, key stroke loggers and uncontrolled viruses and worms are even greater when unknown devices access the corporate network.

Until now access was only possible on corporately managed laptops, and their customised, locked-down configurations ensured that only authorised devices were allowed access to the enterprise server.

Because of this, remote access security has focused on ensuring that the user of the remote device is indeed the person they claim to be. And many methods have been tried, such as one-time passwords and smartcards.

But today we must go beyond just authenticating users and extend ourselves to managing the risks inherent in the users' computing environment: their operating systems, browsers, applications and even the type of network they are on.

[ Read more ]


More than a third of employees would sell company data

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Jul 31st