Welcome to the Business Insight blog, your all access pass to the very best thought leadership, information and tools for creating smarter business strategies and practices. You'll discover a broad range of resources including real-life case studies, insightful analyses, blogs, articles and ideas from leading experts in diverse industries.
|The IBM Business Insight Channel||IBM for Midsize Businesses|
|Most recent||Most recommendations||Most comments||Most visits|
Mobile computing and security on the road
Business Insight 270004899S firstname.lastname@example.org | | Tags:  encryption wifi mobile_computing it_security
0 Comments | 1,829 Visits
Coffee retailer Starbucks created a small PR coup when it announced that it would offer free WiFi at all its retail locations. It definitely was the right move at the right time. The iPad has clearly started this era in mobile computing in which increasing numbers of consumers and, inevitably, business people will take their computing with them to wherever they want to be, including their favorite coffee shop or restaurant, as well as places they have to be such as airports, hotels, and conference centers. And of course Starbucks is not the first large restaurant chain to offer free WiFi. McDonalds and a number of other food chains have offered WiFi for years, mainly because it increases business, and it is hard today to find a motel or hotel that does not offer free WiFi.
But no sooner had Starbucks made the announcement than security gurus began issuing public warnings of the dangers of using those unsecured, public hot spots. The problem is that you can never know who you are sharing the hot spot with, and while your CFO may be checking corporate or personal bank accounts over lunch or a mid-morning Frappuccino, a cyber-crook at the next table could be invading his iPad or intercepting the data from it over that same wireless network and stealing the corporate passwords. The problem, of course, is that while the WiFi network probably will have a firewall to protect users from bad guys on the Web, it cannot defend against crooks using the LAN itself. And while Windows and Macintosh laptops do have firewalls and other security, iPads, iPod Touch PDAs, and other WiFi-enabled communications systems do not. And since they cannot run software in background, IT cannot add a firewall even if someone made one for the iPad.
The danger is great enough that some security experts recommend against using public hot spots at all and urge users to use wireless data connections, which do not support peer-to-peer connections. While that is probably the safest alternative it is not always an option. Many iPads and other mobile devices do not have cellular radios; the higher-speed 3G and 4G cellular systems are not universally available, particularly in North America, and even where they are the signal may be blocked in some locations.
Another problem is that cellular data services are expensive, particularly when they are used heavily. Mid-sized companies supporting a large staff of external sales and support personnel, plus executives and other knowledge workers who spend increasing amounts of their work days out of the office, may find cellular data costs growing to become a significant addition to bottom-line costs.
The next best answer may well be a major upgrade to the company security architecture to replace passwords entirely with biometric identification and to encrypt transmission of all sensitive corporate data. That also has its cost, particularly in the management of encryption keys, but it may become an alternative that mid-sized companies should consider as we move into this new era of pervasive mobile computing.
Other, less drastic security measures include using VPN and disabling file sharing, and just turning off the WiFi (and Bluetooth) radios in the system when they are not actually in use. Some mobile systems have a physical switch that allows users to turn those on and off, and an added advantage of doing that is that it increases battery life; WiFi radios use a lot of power. Users should be educated to this, but whether they will remember is another issue.
This article was sourced from the Info Boom.