Wednesday, April 14, 2021

Mobile Workers Cut Gaping Hole in Security

As IT administrators and CIOs arm their mobile workers with laptops and

send them out into the concrete jungle to connect with customers,

consultants and the home base via wireless networks, very few of them are

doing it securely.

While IT shops are increasingly telling end users to take advantage of

the convenience of wireless connections, securing those connections —

and securing the mobile worker in general — is an afterthought. And this

is leaving a gaping hole in a lot of corporate networks.

”Most mobile workers are unprotected, and it’s as scary as the value of

the data on that machine,” says Ken van Wyk, principal consultant for

KRvW Associates, LLC and a columnist for eSecurityPlanet. ”You lose a

laptop and it’s worth maybe $1,500 or $2,000. So what? In the grand

scheme of things, it’s not a big deal. If you’re processing information

on your laptop that is worth a lot more than the laptop itself, then its

foolhardy to not protect that data.”

And many end users are not protecting their data, says van wyk. Most

likely following the lead of their IT administrators, they probably have

anti-virus software on their laptops, but is it updated? Are they

patched? Are they running a firewall? Encryption?

The answer is most likely not. And that’s a dangerous game to be playing,

say industry analysts.

Having an undersecured mobile workforce is especially dangerous when that

workforce is growing by leaps and bounds.

According to a survey from Senforce Technologies Inc., an endpoint

security company based in Draper, Utah, 87 percent of critical business

data is found on endpoint machines. And 56 percent say their current

wireless network security strategy is inadequate.

”The worry goes back to the phenomenon that the endpoint user is not

just working on the corporate network,” says Kip Meacham, director of

product management at Senforce. ”They’re going to be moving through a

variety of networks while they do their jobs — the corporate

infrastructure, hotels, airports, coffee shops, their homes. Looking at

the world as being either trusted or untrusted is an oversimplification

of how the world is working.”

Tim Cranny, a senior security architect at Senforce, says IT shops just

aren’t putting enough effort and muscle into securing their mobile

workers.

”Companies aren’t taking enough steps to secure them, to secure

wireless,” says Cranny, noting that the problem stems from a lack of

money, a lack of time and a lack of knowledge. ”What we’re talking about

here is a need for a cultural change to realize that the ground is

shifting beneath their feet. There are fundamental new challenges.”

The Senforce survey shows some of these shifts:

  • 82 percent of new computer buys are notebooks, rather than desktops;
  • 74 percent of those notebooks are wireless-enabled;
  • 92 percent of IT administrators are concerned about notebooks moving

    in and out of the network perimeter, and

  • 35 percent of malware infections resulted from endpoint intrusions

    while off the managed network.

    ”Well, we know that security is difficult at best in today’s complicated

    world,” says Ken Dunham, a senior engineer for VeriSign iDefense

    Intelligence based in Mountain View, Calif. ”It’s hard enough on a

    corporate network keeping machines fully patched and updated. It’s

    exacerbated when you have a mobile user. One of the weakest points of

    network security today is the mobile user. When people have laptops for

    use in the home office, as well as the corporate office, they tend to be

    less compliant and less up-to-date as the office computer.

    ”What it means is this is a whole different medium to manage,” he adds.

    ”If you’re going to have mobile users, you have to manage them.

    Companies struggle to identify what the risks are for mobile users. They

    don’t have good models in place because they’re not used to dealing with

    it. But today a lot of people are using laptops so we’re going to see

    better security than we have in the past. It does mean there are unique

    challenges to making sure laptops are secured and locked down.”

    van Wyk says the first line of defense for mobile users has to be

    up-to-date anti-virus software and a personal firewall on every laptop.

    And he adds that users need to use the firewalls to close down all

    incoming services except the ones absolutely needed. Add to that

    encryption software.

    ”Another very real concern is physical theft of the laptop,” says van

    Wyk. ”All the other software just goes to crap if the laptop gets

    stolen. That’s when you need to have some sort of encryption. That way if

    somebody were to steal your machine, they’d get the laptop but not your

    data.”

    The problem, says van Wyk, is that very few mobile workers are using

    encryption, and many aren’t even using firewalls.

    ”From my over-the-shoulder glances on airplanes, I’d say hardly

    anyone,” says van Wyk. ”I think the number is nearly inconsequential

    when you’re talking about encryption. I almost never see somebody doing

    that… I think companies are just handing out a laptop and maybe they

    give them anti-virus. But it’s pretty darn rare for companies to hand out

    more protection than that.”

  • Similar articles

    Latest Articles

    NVIDIA’s New Grace ARM/GPU...

    This week is NVIDIA’s GTC, or GPU Technology Conference, and they likely should have changed the name to ATC because this year – it...

    What is Data Segmentation?

    Definition of Data Segmentation Data segmentation is the process of grouping your data into at least two subsets, although more separations may be necessary on...

    The Conversational AI Revolution:...

    One of the things I’m looking forward to seeing at next week’s NVIDIA GTC event is an update on their Conversational AI efforts. I’m fascinated...

    Edge Computing

    Edge computing is a broad term that refers to a highly distributed computing framework that moves compute and storage resources closer to the exact...