More Evidence: Mobile Devices Threaten Enterprises from Within
Today,
most office workers carry mobile phones into work. Much of the time, the
devices are more advanced smartphones, such as Android-based phones, Blackberry
devices, or Apple iPhones. The employees almost never consider the security
implications of bringing connected devices behind a company’s firewall. Yet the
trend has not escaped the notice of chief security officers and
information-technology administrators. Smartphones are becoming prolific within
enterprises, but the security teams do not really have a handle on how to
secure the devices, said the CEO of Lookout, a mobile security firm. “They have
spent a vast amount of resources in terms of dollars and time to defend their
corporate networks and the traditional network security perimeter, but the
mobile device â?¦ has trusted access to the very critical data at the soft and
chewy center of the company,” he said. “It’s almost a Trojan horse into the
enterprise itself.” In other words, insider attacks may come not from a
malicious employee, but from an ignorant employee bringing a compromised device
into the workplace. The conclusion is not a surprise: Over the past year,
security researchers and attacker have increasingly focused on smartphones and
other mobile platforms. The attention highlighted a bevy of potential attack
scenarios, including information leakage and outright control of the personal
devices.