Avoid mobile security headaches

Wednesday, 1 October 2003, 3:08 PM EST

Being online anytime, anywhere sounds great ... in principle. But access devices such as airport or tradeshow internet kiosks, hotel computers, wireless PDAs or a friend's home PC are beyond the control of IT managers and, for many, this may sound like a risk too far.

There is every reason to be cautious about enterprise access from unmanaged devices. Threats such as Trojan horses, key stroke loggers and uncontrolled viruses and worms are even greater when unknown devices access the corporate network.

Until now access was only possible on corporately managed laptops, and their customised, locked-down configurations ensured that only authorised devices were allowed access to the enterprise server.

Because of this, remote access security has focused on ensuring that the user of the remote device is indeed the person they claim to be. And many methods have been tried, such as one-time passwords and smartcards.

But today we must go beyond just authenticating users and extend ourselves to managing the risks inherent in the users' computing environment: their operating systems, browsers, applications and even the type of network they are on.

[ Read more ]


Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Oct 24th