Security
SHARE
Facebook X Pinterest WhatsApp

Mobile Workers Cut Gaping Hole in Security

As IT administrators and CIOs arm their mobile workers with laptops and send them out into the concrete jungle to connect with customers, consultants and the home base via wireless networks, very few of them are doing it securely. While IT shops are increasingly telling end users to take advantage of the convenience of wireless […]

Written By
SG
Sharon Gaudin
Oct 11, 2005
Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

As IT administrators and CIOs arm their mobile workers with laptops and

send them out into the concrete jungle to connect with customers,

consultants and the home base via wireless networks, very few of them are

doing it securely.

While IT shops are increasingly telling end users to take advantage of

the convenience of wireless connections, securing those connections —

and securing the mobile worker in general — is an afterthought. And this

is leaving a gaping hole in a lot of corporate networks.

”Most mobile workers are unprotected, and it’s as scary as the value of

the data on that machine,” says Ken van Wyk, principal consultant for

KRvW Associates, LLC and a columnist for eSecurityPlanet. ”You lose a

laptop and it’s worth maybe $1,500 or $2,000. So what? In the grand

scheme of things, it’s not a big deal. If you’re processing information

on your laptop that is worth a lot more than the laptop itself, then its

foolhardy to not protect that data.”

And many end users are not protecting their data, says van wyk. Most

likely following the lead of their IT administrators, they probably have

anti-virus software on their laptops, but is it updated? Are they

patched? Are they running a firewall? Encryption?

The answer is most likely not. And that’s a dangerous game to be playing,

say industry analysts.

Having an undersecured mobile workforce is especially dangerous when that

workforce is growing by leaps and bounds.

According to a survey from Senforce Technologies Inc., an endpoint

security company based in Draper, Utah, 87 percent of critical business

data is found on endpoint machines. And 56 percent say their current

wireless network security strategy is inadequate.

”The worry goes back to the phenomenon that the endpoint user is not

just working on the corporate network,” says Kip Meacham, director of

product management at Senforce. ”They’re going to be moving through a

variety of networks while they do their jobs — the corporate

infrastructure, hotels, airports, coffee shops, their homes. Looking at

the world as being either trusted or untrusted is an oversimplification

of how the world is working.”

Tim Cranny, a senior security architect at Senforce, says IT shops just

aren’t putting enough effort and muscle into securing their mobile

workers.

”Companies aren’t taking enough steps to secure them, to secure

wireless,” says Cranny, noting that the problem stems from a lack of

money, a lack of time and a lack of knowledge. ”What we’re talking about

here is a need for a cultural change to realize that the ground is

shifting beneath their feet. There are fundamental new challenges.”

The Senforce survey shows some of these shifts:

  • 82 percent of new computer buys are notebooks, rather than desktops;
  • 74 percent of those notebooks are wireless-enabled;
  • 92 percent of IT administrators are concerned about notebooks moving

    in and out of the network perimeter, and

  • 35 percent of malware infections resulted from endpoint intrusions

    while off the managed network.

    ”Well, we know that security is difficult at best in today’s complicated

    world,” says Ken Dunham, a senior engineer for VeriSign iDefense

    Intelligence based in Mountain View, Calif. ”It’s hard enough on a

    corporate network keeping machines fully patched and updated. It’s

    exacerbated when you have a mobile user. One of the weakest points of

    network security today is the mobile user. When people have laptops for

    use in the home office, as well as the corporate office, they tend to be

    less compliant and less up-to-date as the office computer.

    ”What it means is this is a whole different medium to manage,” he adds.

    ”If you’re going to have mobile users, you have to manage them.

    Companies struggle to identify what the risks are for mobile users. They

    don’t have good models in place because they’re not used to dealing with

    it. But today a lot of people are using laptops so we’re going to see

    better security than we have in the past. It does mean there are unique

    challenges to making sure laptops are secured and locked down.”

    van Wyk says the first line of defense for mobile users has to be

    up-to-date anti-virus software and a personal firewall on every laptop.

    And he adds that users need to use the firewalls to close down all

    incoming services except the ones absolutely needed. Add to that

    encryption software.

    ”Another very real concern is physical theft of the laptop,” says van

    Wyk. ”All the other software just goes to crap if the laptop gets

    stolen. That’s when you need to have some sort of encryption. That way if

    somebody were to steal your machine, they’d get the laptop but not your

    data.”

    The problem, says van Wyk, is that very few mobile workers are using

    encryption, and many aren’t even using firewalls.

    ”From my over-the-shoulder glances on airplanes, I’d say hardly

    anyone,” says van Wyk. ”I think the number is nearly inconsequential

    when you’re talking about encryption. I almost never see somebody doing

    that… I think companies are just handing out a laptop and maybe they

    give them anti-virus. But it’s pretty darn rare for companies to hand out

    more protection than that.”

      SEE ALL
    ARTICLES      
    • SG

    Sharon Gaudin is a veteran technology journalist who has worked for the likes of Computerworld, InformationWeek, and Datamation. She has covered everything from the cloud, security, and social networking to software development, robotics, artificial intelligence, and hardware.

    Recommended for you...

    thumbnail OpenAI Atlas Browser Security Flaw Lets Hackers Attack
    Security
    OpenAI Atlas Browser Security Flaw Lets Hackers Attack
    Datamation Staff
    Oct 28, 2025
    thumbnail Controversial UN Cybercrime Treaty Signed by 65 Countries
    Security
    Controversial UN Cybercrime Treaty Signed by 65 Countries
    Datamation Staff
    Oct 27, 2025
    thumbnail Critical WatchGuard VPN Bug Lets Hackers Control Networks
    Security
    Critical WatchGuard VPN Bug Lets Hackers Control Networks
    Datamation Staff
    Oct 20, 2025
    thumbnail North Korean Hackers Deploy 338 Malicious NPM Packages
    Security
    North Korean Hackers Deploy 338 Malicious NPM Packages
    Datamation Staff
    Oct 14, 2025
    Datamation Logo

    Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.

    facebook
    x

    Company

    Contact us Advertise with us

    Categories

    Trends Big Data Data Center AI Cloud Applications Mobile Open Source Security Storage

    Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved

    Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

    Terms of Service Privacy Policy California - Do Not Sell My Information