Mobile devices expose networks to security threats

The latest IT security threat plaguing the office is actually clipped to the belts and purses of a company's mobile workforce.

Wireless devices that can send and receive e-mail -- BlackBerries, Windows Mobile-based phones or other smart phones -- are emerging as serious corporate threats because they have become so advanced and widely used, yet are so thinly secured, that cybercriminals are targeting them as a path to corporate data, say security experts and vendors.

"There have been cases of viruses and other nasty things that can be done to mobile phones that have not really been serious yet, but they will be," says David Ferris, president of Ferris Research.

Mobile messaging threats come in a few flavors, according to David Champine, senior director of product marketing with security vendor Cloudmark. One is text-messaging spam, or quick Short Message Service (SMS) messages that mobile phone users receive directing them to a Web site where the sender is selling something, or in more sinister cases to a site that captures personal or financial information. This particularly annoying form of spam has been around for a few years, but hasn't been prevalent in the United States since text messaging is not as popular here as in Europe and Asia.

Much more menacing are the threats posed when employees access their corporate e-mail or other enterprise applications from a wireless device, Champine says. Because many mobile device users also check their Web-based mail and visit Web sites from these devices, which typically lack antivirus, antispam, Web filtering and other security software normally found on a PC, they are open to any threats lurking on the Internet and crossing e-mail connections, Champine explains.

Because an employee's mobile device -- often issued and approved by the IT department -- is open to such threats, so is the entire network when the employee connects to the company's Exchange server or enters data into a CRM application from the handset, he says.

"People trust these devices, they say 'I got it from my corporate IT guys, so it's got to be secure,' but attackers always look for the highest return from the least-known back door," Champine says.

Attackers also are preying directly on mobile service providers' networks.

McAfee, which makes mobile security software for companies and mobile operators that protects cell phones from viruses, Trojans and other threats, earlier this month released findings from a worldwide study it commissioned of 200 mobile operators. Of the respondents, 83 percent said their networks have been infected by threats that affect the mobile devices that connect to them.

Respondents also said the primary result these threats have had on their business is a decrease in customer trust and therefore satisfaction -- which can be a big issue in the mobile industry where customers will quickly jump to a competitor -- and network performance.

Cloudmark sells a version of its Authority e-mail security software for mobile operators that helps protect their SMS and e-mail networks from threats. But because most mobile device users open themselves up to unprotected Internet use, securing the service providers' networks won't solve the problem. IT managers should not let mobile users access their Web-based mail accounts from the same devices they access corporate resources, Champine says, and mobile device operating systems should be set for maximum security.

But there's a price to pay for greater mobile security. Mobile workers will no doubt grumble if they have to carry a personal phone for Web e-mail access as well as their corporate device, he says. And IT departments are likely to limit the amount of corporate data a mobile device can access, for fear of intrusion.

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Cara Garretson

Network World
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?