Five Risks Mobile Devices Bring to Networks
Like many of you out there I own a smartphone, and I use it for both business and personal reasons. It seems like only yesterday when smartphones were seen as an expensive upgrade. Now their appeal is spreading worldwide as prices come down and hardware improves. Anyone can now get a cheap and responsive device.
However, the latest security flaws found in some Android devices has made me think about the risks these types of devices bring to computer networks.
1. Security flaws in software
A smartphone is a very powerful computer that requires an operating system and applications to make it useful. Most of this is transparent to the end-user and most never worry about updates and upgrades for their devices. As more and more applications are installed, the risk increases of installing applications that have known or undetected flaws. I recommend that you perform regular backups of your data, reset your device to factory defaults every few months and only install applications that you actually use.
2. Rooting phones
Most smartphone manufacturers restrict end-users so that they can only install applications from preapproved marketplaces. They also prevent end-users from gaining access to the operating systems on their devices. Rooting or jail breaking a phone circumvents these controls so that you gain full access to your device. However, this introduces a big risk as applications can now gain root access and you may end up exposing your personal data.
3. Comprised phones
Recently I worked with a university where they had received a notification about a device on their network that was scanning external IP addresses. In the past this would normally be associated with a zombie PC on the network and the IT staff would just remove it. In this case it was found to be a smartphone connected to a wireless network. Somehow, a rogue application was installed on the phone and the owner was unaware that the phone was scanning networks.
4. Kings of connectivity
Once upon a time you got some sort of device-specific cable with your phone, and though a combination of luck and patience you could get it connected to your PC so that you could backup your phonebook. Most phones now support Wi-Fi, Bluetooth and USB tethering. This can be a nightmare for the IT manager as these smartphone features open up more holes on their networks. Wi-Fi tethering features can also be used to access blocked websites during working hours. Future phones are planned to have near field communication chipsets which allows for sharing, pairing, and transactions between NFC devices.
5. Data leakage
My current phone has 16GB of storage and I can add another 32GB via a micro SDHC card. This storage is presented as a regular storage device so it is easy to get data onto it. If I was to access file shares on a network, I could extract a massive amount of data, disconnect and then walk past the firewall with the data on my phone.
If you are concerned about smartphones or other mobile devices on your network there are a number of things you can do. First, you should consider an authentication mechanism like 802.1X which will require users to identify themselves before they can gain access to the network. There are many guides out there which explain how you can devices like iPads connected to the corporate wireless network.
Once users are connected to your network, you should watch what they are doing. You can get started by locating your network core and then you can look at implementing a network monitoring solution. Look out for the top users downloading data from your file-shares, databases or business applications. Deep packet inspection technologies can also detect mobile devices on your network. They do this by extracting the web-client information from network packets. This web-client data can then be used to identify what types of systems are on your network.
Darragh Delaney is head of technical services at NetFort Technologies. As Director of Technical Services and Customer Support, he interacts on a daily basis with NetFort customers and is responsible for the delivery of a high quality technical and customer support service.