Forward Thinking: Network Security Predictions for 2011, Part 4

Posted: February 1, 2011 in Expert Q&A

Editor’s Note: This post is part of the Forward Thinking series, which features expert opinions on the top security trends of 2011. Today’s post features Daniel Keelan, principal at E and T services.

By Daniel Keelan

Vulnerability of Mobile Apps

These applications are not immune from Trojans. There are cases cited in which outbound calls have been forced from iPhones. Other mobile devices have been turned into listening devices by exploiting the GSM code. The listening device scenario is even more disconcerting, as the GPS feature of smartphones can allow a specific user to be pin-pointed.

Google had a vulnerability in 2010 that allowed a hacker to access an Android’s Web browser. This could potentially lead to access to browser history, transaction history, and even to credentialed information. Android has been shown to have cross-site scripting vulnerabilities that injects code allowing a hacker to bypass access controls into a Web site.

How will these vulnerabilities take shape in 2011?

Loss/Theft

One of the most common ways that vulnerabilities occur (and will continue to occur) on mobile devices is through theft or physical loss. This threat from losing your mobile device is no different that the threat associated with losing or having a lap top stolen.  As smartphones and tablets increase in popularity — and in their memory capacity – there will be even more data “out there” to mine.  For instance, in 2011 more and more people walking along with their mobile devices will be accessing e-mails, contacts, documents, and spreadsheets that are downloaded and stored on their devices.

Mobile Apps Masquerading as Legitimate Apps

Here’s one you’ll here more about this year. The smartphone user community is made up of the same people who like to download interesting applications to their PCs and devices – and inadvertently — end up introducing malware onto these machines.

However, consumers are increasingly accessing corporate networks from their PCs and mobile devices.  So, enterprise network managers should pay increasing attention to the applications being downloaded on mobile device.  Apple lists several vulnerabilities that have been discovered at http://support.apple.com/kb/HT1318

In 2011, companies that deploy smartphones and tablets need to take further steps to control these devices in the same manner they control the desktops inside their enterprise network. For example, it’s a good idea for enterprise network managers should only allow company-issued smartphones and tablets.  Also, to prevent malware and Trojans, enterprise network managers should lock-out any download capabilities of these devices.

Daniel Keelan can be reached at dkeelan@eandtservices.com.

Comments
  1. […] we gear up to dive into the second quarter of 2011, we’ll wrap up the Forward Thinking series. We’ve had some insightful predictions on network security trends for 2011, so we’ll close this […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s