Last year a new breed of worms exploited Bluetooth and MMS to reach mobile wireless devices, commonly carried by business executives, racking up toll charges, destroying stored data and resetting infected devices. These well connected, poorly defended devices are fast becoming a lucrative attack target, putting business data and networks at risk.
We will investigate business options for securing mobile wireless endpoints like smart phones and PDA’s. Specifically, we’ll examine the security measures that can be used to lock down PDA’s and smart phones that are used for business.
Market researchers have been predicting explosive growth in mobile device adoption for years. And last year that growth did finally happen. In fact, global shipments of mobile devices, including PDA’s and smart phones grew 6.6% in Q1 2006 relative to Q1 2005, to 3.65 million units. Most analysts expect mobile device sales to grow even faster in 2007, a forecast that is prompted in part by expansion of high speed networks services, such as EV-DO.
Although many mobile devices are now being purchased by individuals, business use of PDA’s and smart phones is still expanding. According to a 2005 survey conducted by Nokia, nearly 1 in 4 executives now use PDA’s for business. In fact, the workforce that is most likely to carry these mobile devices are those that require ready access to business data, like corporate email, meeting schedules, contacts, or even instant messages. This growth results in more and more corporate data being placed at risk by these mostly unmanaged and unsecured mobile devices.
Mobile viruses and malware are increasing in frequency and impact, spurred by business adoption and use of targeted mobile devices. This exposes corporate data networks whenever these mobile devices connect wirelessly or through cradled synchronization to access corporate data.
Redefining the Network Perimeter
PDA’s and smart phones are increasingly tethered to company resources through a myriad of connectivity options: Serial/USB port desktop synchronization; Personal area networks (IrDA, Bluetooth); Wireless wide area phone networks (CDMA, GPRS, 1xRTT, EV-DO); Wireless local area networks (802.11, WiFi); Wireless metropolitan area networks (802.16, WiMax).
In the past, most PDA’s and smart phones were primarily used to connect to the public internet, to browse the web or to access a personal mailbox. However, as mobile workforces have grown and companies have opened private networks to permit Internet-based remote access for travelers and teleworkers, this access has become pretty common through VPN (Virtual Private Network) gateways, web portals and Internet based servers like Microsoft OWA (Outlook Web Access).
Furthermore, the advent of WiFi and Bluetooth, now common on most mobile devices, means that these PDA’s and smart phones can now be connected to access points, wireless printers and other nodes that are inside a company network. Finally with all the buzz about wireless, it can be easy to forget that those USB connections used to synchronize PDA’s and smart phones with desktops PC’s, actually connect to the corporate network perimeter.