The gatekeepers

Florian Malecki, SonicWALL’s enterprise marketing manager for the Middle East and Africa, explains how the hidden security threats can be a major threat for network managers, and how to mitigate them.

Tags: Mobile applicationMobile broadbandSonicWALL IncorporatedUSA
  • E-Mail
The gatekeepers
By  Florian Malecki Published  October 27, 2010

Florian Malecki, SonicWALL’s enterprise marketing manager for the Middle East and Africa, explains how the hidden security threats can be a major threat for network managers, and how to mitigate them.

The “Consumerisation of IT” an industry-accepted idiom introduced by Gartner Inc., who reports that the majority of new technologies enterprises currently adopt for their information systems will have roots in consumer applications.i At the same time, because employees work everywhere at any time, and need constant access to key corporate information, they rely upon the same smartphone technology they use in their personal lives to extend their workday, and increase efficiency.

However, these corporate end users do not want IT to dictate what smartphone platform they can use (i.e., RIM® BlackBerry), or force them to carry one IT-manage smartphone for work and another consumer device for personal use. Typically, IT initially makes exceptions in allowing consumer smartphone use by a few select executive employees who are first movers, often followed by internal engineers and IT technicians, and subsequently, the wider base of employees will demand to use them as well.

IT has effectively lost their ability to constrain the choice of smartphone access in a corporate setting. Further vexing admins is that the scope of the issue continues to expand as new devices are introduced to the corporate network, such as the Apple iPhone and iPad.

A mobile target

However, consumer-driven smartphone platforms are subject to market forces and fluctuations that are beyond the control of corporate IT departments. Today’s “flavor-of-the-month” may fall out of favor very rapidly, influenced by marketing promotions and sales incentives on the part of device and service providers, as well as rapid-fire feature enhancements amongst the competition. IT must deal with multiple operating system platforms, including Apple, Google, Symbian, and Microsoft, with an additional potential for new providers from emerging technology powerhouses such as China. As a result, significant IT investment in securing any particular consumer smartphone platform is practically untenable over time.

In addition, the political implications of Web-enabled smartphone communications have resulted in governmental restrictions that can significantly influence the use of smartphones in the global marketplace. For example, in August 2010, the United Arab Emirates and other Gulf Cooperation Council (GCC) members threatened suspension of all the various BlackBerry mobile services such as e-mail, text messaging, and Web access to government-forbidden sites, citing a range of hitherto-unmentioned security concerns. In 2008, India threatened similar action. Subsequently, to minimise risk of regional loss-of-service, a global business cannot depend solely upon the viability of a single smartphone vendor’s platform, but instead, must deploy smartphone solutions that are able to facilitate multiple platforms. This potentially undermines any IT controls gained from earlier deployments of BlackBerry Enterprise Server (BES) environments.

The burden of juggling support for multiple smartphone platforms can also take IT resources away from securing other aspects of the network. Ultimately, new business technology should enhance employee productivity, not overwhelm it. Organisations must bear in mind the impact that individually supporting and securing multiple smartphone platforms will have upon administrative overhead and total operating costs.

The impact of smartphones on network security

Smartphones have shifted their primary focus from being primarily a cell phone to becoming an evolving Web-enabled computing platform. Ultimately, telephony is just another smartphone application. (In fact, many smartphones can use Web-based VoIP applications to sidestep the device’s traditional cellular voice carrier.) Today’s smartphones have much the same functionality and, unfortunately, vulnerabilities as yesterday’s laptops.

Acting as mobile network endpoint devices connected to the Internet, smartphone platforms are inherently insecure. Whether corporate-issued or personally owned, smartphones easily move in and out of the existing network, traversing internal and external firewalls. Of particular concern, it is harder for IT to control what users do with their smartphone devices, and how these devices expose business data to security threats.

Bandwidth overconsumption

The preponderance of interactive Web 2.0 and streaming media traffic over smartphones can potentially affect wireless network throughput. Some of these applications, such as streaming video applications, constantly evolve to avoid control. In addition, like any Web-facing endpoint device running applications over the network, smartphones present in an enterprise environment are a potential channel for forced denial-of-service attacks.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code