Personal Tech Pipeline | Mobile Security

White Papers

Sponsor Resources

Free Newsletter GlossaryContact UsAbout Us
Players & CamsPhones & PDAsHome & AutoOnline

October 17, 2005

New Hacker Targets: Cell Phones And PDAs

Courtesy of InformationWeek

There was a time when the biggest mobile computing risk was losing a laptop. How quickly things change. Cell phones, smart phones, and PDAs increasingly are being used to access business applications, E--mail, and the Internet. In sync with that trend are new security threats to mobile devices that store and distribute company information.

They're becoming victims of zombie attacks and other forms of hacking; malware; hybrid PC--mobile viruses like Comwarrior, Bluejacking, and Cabir; and spam. And for the first time, many businesses are finding they need plans for securing mobile devices, including what methods to use and rules for how devices can be used.

"Putting together policies and procedures to add security for a device ... is becoming a real challenge," said Larry Hardin, senior manager of communications in the IT group at food--service distributor Sysco Corp., during a session at last week's Mobile Business Expo in Chicago. The issue has come to a head at Sysco, Hardin said, as more traveling salespeople start using devices other than laptops. For easier management, Sysco requires that employees use only company--distributed mobile devices for work and has developed service--level agreements with all its wireless vendors.

Partners In Security
Securing E--mail was the motivation behind a partnership between Research In Motion Ltd., maker of the BlackBerry, and security software vendor PGP Corp. The companies last week unveiled PGP Support Package, due later this year, which is designed to provide encryption, decryption, digital signatures, and verification for E--mail sent and received on BlackBerry devices.

However, the support package will only work for customers who already have deployed PGP's Universal technology, which lets businesses manage encryption and digital signatures from a single console. It will be distributed exclusively by PGP through its 175 resellers.

It's a step in the right direction. But there still aren't enough security options for mobile devices, says James McGibney, operations manager at construction company Rudolph and Sletten Inc. About 150 of the construction company's workers use RIM's mobile E--mail service with BlackBerrys or Good Technology Inc.'s mobile E--mail with Treo devices, so they can stay on top of any alerts or changes during construction jobs. Because of a lack of good vendor options, the company's in--house IT department is writing an application that will scan messages before they're sent through Good Technology's E--mail service, McGibney says. "Imagine the impact of a worm attached to E--mail infecting your PDA and sending itself to everyone on your address book," he says. "We don't want to take chances."

Hackers and thieves are one problem----losing mobile devices is another. Consider this: Travelers left 85,000 cell phones and 21,000 PDAs and Pocket PCs in Chicago taxis in the past six months, according to recent research conducted by Pointsec Mobile Technologies, a data--encryption company. Mobile devices often don't offer strong user authentication, meaning almost anyone can get to their contents. "Basic passwords aren't enough," says Stuart Vaeth, chief security officer at mobile security company Diversinet Corp. and co--chair of the Initiative For Open Authentication's technology group, an IT vendor group fighting identity theft.

Diversinet last week released a version of its multitoken wallet for Symbian OS mobile phones. The wallet, which already is available for the Microsoft Windows Mobile Pocket PC, is an application that resides on a device and lets users add and manage all of their mobile tokens in one place. It's designed to be used with mobile tokens that Diversinet activates wirelessly. The tokens provide passwords that change each time a user accesses a secure network, server, or Web site via a mobile device and are generated in software or delivered as a text message on the device. Diversinet says it's planning to extend the multitoken wallet to additional mobile--device platforms.

E-mail This Story
Print This Story
Reprint This Story

Get the latest Personal Tech news, product info, and trends every week.

Related Content

  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Main RSS Feed
  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Blog RSS Feed

Keeping Up To Date On Enterprise Server Tech?
Review our compilation of columns on server security, database software, and Linux issues.
Unleash the Power & Opportunity of Grid Computing
Experts will identify trends in grid computing, provide
examples and examine solution options.
Using Current Performance to Shape
Future Results

Hear new strategies for improving business
performance and results.

Editor's Picks

Well, Microsoft has "unfolded" its "Origami" ultra-mobile PC platform Thursday. It turned out to be a full-featured PC smaller than a tablet but bigger than a PDA. Are you impressed?
Yes! I want one!
Sort of. We'll see.
No! It's too big for a pocket and too small for real computing. What's the point?

In search of personal tech products? See our new Product Finder, where you'll find personal computing devices, communications solutions, security products, and more.

On the CIO Agenda with IBM
With business growth back on the agenda, the role of the CIO is changing from manager of technology to C-suite collaborator in enabling innovation that matters for the business. Read an executive summary and register to download the full IBM paper.

Symantec Backup Solutions
Desktop to Data Center Protection. Explore the Official Symantec Site.

SEC & HIPAA IM Compliance
Satisfy regulatory and compliance requirements for instant messaging.

Secure & Easy Console Management with Digi CM
The Digi CM console server provides secure, intelligent & easy access to network devices with a serial console port. With Digi CM, you can securely monitor & control servers, routers, switches & other devices even when your network is down.

Understand the financial impact of open source.
Will open source pay off? Open source is becoming standard within enterprises, often because of cost savings. Find out how much of a financial impact it can have on your organization. Get this methodology and calculator now, compliments of JBoss. Go!

Buy a Link Now

Protecting HTTP traffic: An integral part of your security strategy
Application-Smart Networking for Fast, Reliable, Secure Application Deliver
CSC Worldwide IT consulting, systems integration, outsourcing
Top Requested White Paper Categories from TechWeb White paper Library
Top ten search terms from the TechWeb TechEncyclopedia