Date:20/09/11
There are more risks to enterprises making use of mobile devices than just malware; these include location tracking and poor device configuration, according to Dr James Lyne, director of technology strategy at security firm Sophos.
Lyne said that the bigget challenge with mobile device security is not the growing volume of malware, but users' misconception that the devices are safer than their desktops.
"The biggest mobile security issue will be that users believe the devices are secure. Our biggest problem is awareness," he said. Lyne added that most users are not aware that mobile devices give out a great deal of sensitive information when on a default setting.
"Mobile devices give away a hideous amount of information constantly. They continually broadcast the names of previous networks they've connected to when trying to find them. "Cyber criminals can then create a network with the same details, and these devices will blindly connect to them."
The person who has set up this network will then be able to steal any unencrypted information that is passed along it. Lyne said that this configuration issue affects all mobile devices, from smartphones to tablets.
"It's not malware that's the problem, it's the configuration of the device. It can affect iPads, iPhones or anything else."
He also explained that many devices tag photos and sometimes blog posts (including Twitter entries) with geographical data that cyber criminals can use to map out a mobile user's routine, including their work and home addresses.
"You wouldn't give out your postcode to a stranger on the street, but we upload photos that contain GPS info up to the web.
"Cyber criminals can figure out where you work and live, and when you go on holiday, and this information can be published on sites like pleaserobme.com." Lyne advised IT departments to regularly update their mobile security strategies, and to ensure staff are made aware of the dangers.
"Define a six month not a three year mobile security strategy. Technology is moving too quickly, and needs to be regularly appraised. "Wrap mobile security into education and awareness training.
If we start investing now in having users apply the same best practices to mobile as they do to desktop, then there won't be a lag when adoption goes mainstream," he concluded.
Sophos: poor mobile configuration is as dangerous as malware
There are more risks to enterprises making use of mobile devices than just malware; these include location tracking and poor device configuration, according to Dr James Lyne, director of technology strategy at security firm Sophos. Lyne said that the bigget challenge with mobile device security is not the growing volume of malware, but users' misconception that the devices are safer than their desktops.
"The biggest mobile security issue will be that users believe the devices are secure. Our biggest problem is awareness," he said. Lyne added that most users are not aware that mobile devices give out a great deal of sensitive information when on a default setting.
"Mobile devices give away a hideous amount of information constantly. They continually broadcast the names of previous networks they've connected to when trying to find them. "Cyber criminals can then create a network with the same details, and these devices will blindly connect to them."
The person who has set up this network will then be able to steal any unencrypted information that is passed along it. Lyne said that this configuration issue affects all mobile devices, from smartphones to tablets.
"It's not malware that's the problem, it's the configuration of the device. It can affect iPads, iPhones or anything else."
He also explained that many devices tag photos and sometimes blog posts (including Twitter entries) with geographical data that cyber criminals can use to map out a mobile user's routine, including their work and home addresses.
"You wouldn't give out your postcode to a stranger on the street, but we upload photos that contain GPS info up to the web.
"Cyber criminals can figure out where you work and live, and when you go on holiday, and this information can be published on sites like pleaserobme.com." Lyne advised IT departments to regularly update their mobile security strategies, and to ensure staff are made aware of the dangers.
"Define a six month not a three year mobile security strategy. Technology is moving too quickly, and needs to be regularly appraised. "Wrap mobile security into education and awareness training.
If we start investing now in having users apply the same best practices to mobile as they do to desktop, then there won't be a lag when adoption goes mainstream," he concluded.
Views: 825
©ictnews.az. All rights reserved.
Similar news
- Mobile operators of national market to reduce roaming tariffs
- Iran vows to unplug Internet
- China Targeting Telecoms in Corruption Probe
- Bangladesh to use electronic voting system for next elections
- Philippine IT sector to launch five-year digital strategy plan
- Russian Premier Vladimir Putin meets ITU Secretary-General Hamadoun Touré
- US lawmakers propose to regulate use of geolocation data
- Unlimited mobile data plans dying as telcos gear up for cloud future
- Europe at risk of falling behind US and Asia on 4G use
- Netherlands first to regulate on net neutrality
- Korean Co Takes Aim At Display Patents
- Regulators, Banks Look for IT Hires After Breakdowns
- Electron transactions spreading
- Schools in remote rural areas will connect to the single database via network without SIM
- Obama to Personally Tweet From Twitter Account
