Tag Archives: mobile

Mobile Computing: Securing your workforce

The following introduction was published as the foreword to the BCS eBook on Mobile Computing: Securing your workforce:

“It’s been less than 3 decades since the first commercial handheld cellular phone hit the market. Costing some $3,995, and likened to a brick, it immediately gained a long waiting list. Price and size has come down in the intervening years, and popularity has soared. The technology has moved from analogue to digital and the handsets can now do so much more than make and receive voice telephone calls.

We’ve seen the introduction of short message service (SMS), multi-media message service (MMS), PDA functions (address book, calendar, notes), email, browsing (WAP through to modern browsers), full Internet access and applications. Each new capability has opened up additional potential exposures for users.

Modern smartphones combine elements of mobile phone, personal digital assistants (PDA) and laptop into a small, easily lost or stolen, high value device. With e-wallets, NFC, tablets, etc. as well as storing more and more confidential information as storage capacity grows, its value – and impact when lost – increases even more.

Phones are not the only devices we’re mobile with either. PDAs, laptops, tablets all add to the complexity, as does the growth in employees using their own devices and bringing them into the enterprise. Organisations need to cope, educate and secure.

Although manufacturers, operators, OS/Application vendors and businesses try and control and/or secure their platforms, there are limits to what is technically possible and acceptable to users. Many people are no longer content with a device that cannot perform the functions or run the applications they see other do. Indeed, some will take exception to any level of control/security and ‘jailbreak’ or ‘unlock’ their devices so that they can run what they want on whatever network is available.

Whatever portable device you use, this eBook contains some useful advice to consider – to help improve your mobile security.”

The eBook is available online for preview and order via:

http://www.bcs.org/category/16307

ISNow – Future Threats

The following introduction was originally published in the BCS Information Security Now Magazine, Winter 2010 issue (Volume 5, Issue 2), which was on the topic of Future Threats:

“The start of each New Year brings festive cheer and thoughts about what security related treats we might see in the coming year. I think 2011 may bring:

Targeted malware – next generation spear-phishing. The emergence of Stuxnet, which combines traditional malware techniques with a specially crafted targeting mechanism and payload parameters, may signal a new form of deniable attack. Even with the required time and resources required to develop the intelligence and programming that feeds into such software, it could still be a much more cost effective and politically acceptable virtual approach versus physical alternatives. This attack vector is likely to be picked up by other online ne’er- do-goods.

Secrets revealed – exposing truths. Wikileaks, Crytome, The Smoking Gun and others have a track record of exposing the secrets of governments, corporations and individuals. State and court sanctions are unlikely to deter all those seeking to expose unlawful, hypocritical and immoral activities. Once details are released on the internet it is too late, however good your censorship capabilities are and if the traditional press get hold of it too it’s as good as over. As people learn the effectiveness of such exposure we may see more whistleblowers emerge.

Personal intrusions – self-exposure. From airport security officials wishing to either irradiate us or touch our junk; governments wanting to know about our worldwide banking arrangements, health, happiness and online activities; social networks wanting to know where you are, who your friends are and what you’re saying; advertisers wanting to know where you are and what you’re interested in; employers wanting to know if you’re a suitable hire or risk to the business.

Happy New Year – hopefully.”

A PDF version of the magazine is available online at:

http://www.bcs.org/upload/pdf/ISNOW-Winter2010.pdf