Enterprise Mobile Device Security: Unknown Networks

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

The nomadic existence of mobile devices and their propensity for tethering mean much greater security exposure to unknown networks. Intrusions are therefore far more likely on these devices than on a fixed desktop. Here’s why:

  • A mobile device is always on the go.

  • Smartphones support a plethora of interfaces.

Bottom line: The likelihood is very high that any given smartphone is connected to one or more wireless networks almost all the time and could be anywhere.

Typically, these intrusions come from an infected machine on the network. Nomadic users connecting to ad hoc, unencrypted networks present a very tantalizing target for hackers. Hackers could be on that same network with an infected machine, or they could have infected a device that they control remotely from their console, with the express purpose of attacking unsuspecting users as they attach to these networks.

So what can you do? Education, education, education. Your users need to follow these guidelines:

  • Check the security posture of the wireless network you are connecting to. Is it encrypted (WEP, WPA, WPA2, and so on)? If not, understand that there are risks associated with connecting to this network.

  • Use the company-provided VPN client to ensure that all traffic is encrypted.

  • Run the antivirus/firewall client after you log off from the network to look for any potential breaches that may have occurred.

Your panacea is to periodically scan your enterprise-issued mobile devices with antivirus, firewall, and newer forms of threat-detection solutions as they emerge, on the assumption that your users will constantly be coming on and off public networks.

For non-enterprise-issued devices, there is little you can do to exercise control at the endpoint, so your posture should be more defensive: look for threats emanating from the mobile device that could attack the enterprise, and use your network-based security solutions to protect against them.