Mobile devices are now a critical aspect of the modern workforce.Now consider that Microsoft Office on mobile devices is nearly ascommon as using a laptop. The recent News of the World scandalin Britain has increased the focus on mobile device security. Giventhe realities of the modern day work environment, the use of these devices to access the sensitive data of organizations large and small will continue to grow and mobile applications will proliferate. Researchers haveestimated that mobile data usage will grow 12-fold by 2014. According to a Carnegie
Mellon University study, 4 in 10 organizations have had mobile devices lost or stolen,
and half of those devices contained critical data.
Mobile device use has exploded and the increaseduse has caught the attention of hackers. The numberof pieces of mobile malware introduced in 2010 increased by 46 percent over what we saw in 2009.That 2010 number equates to nearly 55,000 newmalware threats each and every day! What is importantto note is that when users sync up with their computers, often times malware is transferred.
Another security issue is the common use of these devices in open/public locations
and networks. Many locations offer open and free internet access via their networks—
Starbucks is a good example. They are common at cafés, restaurants, airports,
hotels, parks and a wide variety of other locations. The vast majority of these
connections are not secure. They are designed for ease of access rather than security.
Users taking advantage of this type connectivity must be educated on the risks of
connecting to these networks and must be very careful.
A second and equally critical security issue for mobile devices addresses the ability to
cleanse the device, SIM card and memory chips. Bottom line is to ensure no one can
recover information from the device, all of these devices should be destroyed (ground
up) at their end of life. If any of these devices are being reallocated to other employee
within the same organization, at a minimum remove the existing SIM card,
destroy it and replace it with a new one.
Mobile devices pose a huge challenge for security professionals. A comprehensive
program that includes policies and security technology must be established in order to
stem the growth of successful attacks on this class of device. In addition, accessing
sensitive data over these open networks may be a compliance issue as well and we all
know how pleasant compliance violations can be!
Author: Kevin Coleman, Technolytics Institute