Feeds

Era of picking your own PDA draws to a close

Security concerns force firms to standardise

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Firms may soon mandate the use of particular handheld devices and mobile phones in order to establish some kind of control over security risks.

That's the view Symantec's director of wireless strategy, Jason Conyard, who is encouraging firms to develop security policies to combat mobile security threats such as hacking into wireless networks and next-generation malicious code.

Conyard isn't suggesting a particular platform (Symbian, Palm OS, Pocket PC) for firms to use. He said standardising on the same device and configuration to limit both support costs, and manage security exposure, is more important that what the device a firm might pick.

Symantec is under no illusions that implementing a mobile security policy will be easy.

Users are used to choosing their own mobile device based on what they consider "cool and sexy" and a change in culture to use of uniform corporate issue kit is unlikely to go down well. Low adoption of current security standards (often "too complicated" according to Conyard) is another issue. Tools for managing the application and configuration of mobile devices are "very basic", Symantec admits, which hardly helps.

Enterprises (or service providers) run the risk of running foul of the Data Protection Act if they don't access due care over customer data, which might be exposed by flaky wireless security, so Symantec is right that the issue can't be simply ignored.

Wireless LANs can be secured by measures such as only allowing access over a VPN and restricting use to authorised devices but anecdotal evidence suggests 802.11b networks are often put up which are wide open to drive-by hacking.

This is only the start of the problems that Symantec outlined in a threat timeline for us today. Threats we take as serious include DoS attacks on mobile networks in 2002, location based spam (late 2002) and hacking attacks on GPRS networks in 2003. Very nasty.

We're far less convinced about the emergence of mobile viruses on next-generation phones, in part because the anti-vendors like Symantec have such a vested interest in hyping this one up.

It remains unproven whether Symbian or even Stinger-based devices will be particularly susceptible to mobile viruses even as they become more common-place and therefore a more attractive target to s'kiddies. The basic PDA viruses we've seen so far have not convinced us that we'll see wireless worms along the lines of the Anna Kournikova virus by 2003, as Symantec suggests.

If mobile phones ever come with Word macros or potentially infectious mobile attachments things will change but, for now, the threat remains unproven. ®

Related Stories

Rogue WLANS - the next security battlefield?
Secure the Wireless Network firmware
War driving - the latest hacker fad

New hybrid storage solutions

More from The Register

next story
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.