Note From The Author, Gus
Thank you for visiting our site. I hope the information herein was useful to you. Should you have additional PC-related questions or problems, click for help: FREE Tech Support Request. Stop searching and get solutions!
In a recent survey, sixty-nine percent of company respondents have employees utilizing personal mobile devices, such as smartphones and tablet PC’s, connected through corporate networks. More than one-fifth of these companies have no mobile security policy in place.
Wow, what an opening statement.1 To network administrators and technical support professionals, securing mobile devices is nothing new. Outside of the company of IT staff, however, unfortunately, there are new threats from the increased use of tablet PC’s. They pose a unique challenge to all companies that has largely been unaddressed to date.
Just when companies were getting familiar with the security risks and potential threats of the smartphone, now comes along tablets which present a slightly different threat. In addition to updating your IT policies, it certainly would not hurt to educate and train company employees on the use of their tablets and employ proper encryption techniques.
In a Government Security News article, The urgent need for mobile device security policies, the author says,
When gaps are uncovered in an environment, they must be augmented with new or updated policies; as is the case with mobile devices. ~Kevin Johnson, Senior instructor for SANS Institute and a senior security consultant at Secure Ideas.
So when discussing security policies and training, what exactly would they be comprised of? The answer to such is that it must start with a clear definition of user risk profiles. This is simply a matter of determining which devices pose the greatest threat, which devices to support, and how to support them.
With Android-based tablets on the rise, increased use in apples iPad versions, and soon to be deployed Windows 8-based tablet PC’s, there is no doubt these mobile devices have become more than a simple niche device. But the question is, why?
So why is it that the tablet PC has become more than just a better means to interact with online social networks? Corporate employees by these devices so that they may have fast access to their e-mail and calendars, Web applications, and interactive tools on a platform they are more familiar with. They can get all of this without toting around a heavy laptop.
As can be expected, tablets have created their own category. You have your typical laptop or desktop PC, Smart phones, and now it device that is somewhere in between.
The old the increased use of Tablet PCs is shown to be a hindrance to IT staff, the use of such devices are effective in increased mobility and productivity.
In order to stay on top of technology, it is imperative that a company utilize server technology that can span and support various platforms. A perfect example is that many employees will be utilizing BlackBerry, Apple, or Android-based mobile devices at any given time. It is then up to the company to make sure they have proper security in place for the different operating systems utilized.
This would seem a better approach rather than dictating one platform over another, as the evolution of technology increases, your business will need to take advantage of new technologies to stay competitive.
However, this does not mean for you to have it wide open plan to support all platforms. Just as with all other strategies and technologies, there must be good reason to support the various operating systems.
What is it about a tablet PC that provides a threat beyond the use of the traditional computer or smart phone? The answer to this is really two-fold; malicious apps running on open-source operating systems, or the use of traditional software applications in an environment that is less secure.
As of the date of writing this article, tablet PC’s are not marketed with built-in firewalls or any type of protection software to stop viruses and spyware. This alone poses the greatest threat to any company network, as this provides an open portal for hacker to access the network via connected tablet PC to the public Internet through the corporate connection.
Though it is not just about the lack of security software, it is about securing the device from malicious code hidden in mobile apps. As you can imagine, this issue is only going to widen due to the range of various tablet PC versions that are on the market today which, to date, is fifty and growing strong.
Not only take into consideration the devices, but the various software applications that run on such devices as tablet PC’s. In an article, Social engineering: 3 mobile malware techniques, the author quoted industry expert, Lenny Zeltser, saying, “From a users perspective it is very hard to distinguish between an app that is legitimate with an app that turns out to be malicious,” ~Joan Goodchild
There is one additional threat which has been an issue ever since smart phones were introduced to computer networks, and that is when one becomes lost or stolen. Just as with smart phones, most users of Tablet PC’s neglect to utilize the built-in authentication tools, much less employed any type of data in connection encryption.
The additional risk here is something mentioned previously, mobile applications. In an article on Lookout, Introducing the App Genome Project,
the founders John Hering and Kevin Mahaffey initiated the App Genome project to understand what mobile applications are doing and use that information to more quickly identify potential security threats. Their survey revealed that roughly one-third of all mobile apps access a user’s location, and 8% to 14% access a device’s contacts. Suffice to say, most tablet PC owners rarely read the presented warnings before installing the apps.
So what can we learn from this? It is time to develop and implement proper mobile security risk protocols that include a supported device list and a means to curtail the potential threat of applications by utilizing a strict mobile app download list, or altogether limit the accessibility and connectivity of the devices to company networks, and restrict what confidential information can be stored on them.
In the above article we discussed the market of Tablet PCs, the risks associated with them as they pertain to technology and other threats, and some possible mobile security solution measures to thwart hacker attacks.
(1) The article this information came from, Just say yes: Why banning consumer devices makes your organization less secure, provides additional, staggering numbers.