Avoid mobile security headaches

Wednesday, 1 October 2003, 3:08 PM EST

Being online anytime, anywhere sounds great ... in principle. But access devices such as airport or tradeshow internet kiosks, hotel computers, wireless PDAs or a friend's home PC are beyond the control of IT managers and, for many, this may sound like a risk too far.

There is every reason to be cautious about enterprise access from unmanaged devices. Threats such as Trojan horses, key stroke loggers and uncontrolled viruses and worms are even greater when unknown devices access the corporate network.

Until now access was only possible on corporately managed laptops, and their customised, locked-down configurations ensured that only authorised devices were allowed access to the enterprise server.

Because of this, remote access security has focused on ensuring that the user of the remote device is indeed the person they claim to be. And many methods have been tried, such as one-time passwords and smartcards.

But today we must go beyond just authenticating users and extend ourselves to managing the risks inherent in the users' computing environment: their operating systems, browsers, applications and even the type of network they are on.

[ Read more ]


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th