security plan

Threat on a belt

Sun, 04 Mar 2007 19:01:36 -0500

The most serious threat to your network might not come in through a web application vulnerability exploit, but clipped to the belt of a mobile professional. High-capability smart phones and wireless PDAs roam the world beyond your firewall then come sailing through the front door on the hip of a trusted employee. Security experts say that malicious code, transmitted by SMS to a mobile device and then transferred to the network through email synchronization, must be accounted for in any modern security plan.

For more on new mobile threats:
- read the article at Network World

Small devices make big security holes

Sun, 25 Feb 2007 19:01:38 -0500

Just because your mobile device uses a different operating system than your database server doesn't mean that malware and attacks can't move from your handheld to your server. As the number of highly mobile devices has grown, the attacks through those devices have kept pace. Software protection suites for smart phones, PDAs and other mobile wireless devices are now available and should be deployed on every corporate device. File encryption (for every file on the device) and user training for safe use and physical security are additional measures that should be a part of the total corporate security plan.

For more on protecting your wireless devices:
- read the article at ComputerWorld

How to develop a mobile device security plan

Sun, 11 Sep 2005 20:01:37 -0400

The growing use of mobile devices poses an increasing security risk for enterprises, and like any good technology management strategy it's best to have a security plan built before the threats and risks turn into security headaches. As one expert explains, today's platform phones -- devices featuring an open operating system, based on Palm, Microsoft, Symbian or Linux -- should be viewed as mini-PCs and will house the same critical, valuable enterprise data tied to desktops.

The first management step is developing an inventory on all devices viewed as a corporate asset and used to share, transmit or store company data. Then it's time to map out new mobile use policies or revisit current ones to ensure they're up to date and cover all the specific issues. Are users allowed to store non-company data such as music or games? How often are they expected to run spam and virus programs to keep security requirements up to date? Then design a response strategy if and when a device is lost or breached. What is the user expected to do and what will be the IT response effort? Experts relate that the same security approach given to desktops and laptops must be expanded to include any mobile device to ensure network and data security.

For more on mobile phone security:
- read this article at TechWorld

PLUS: How to secure those popular PDAs and data. Article