While consumers, and indeed the online security industry, have typically not paid much mind to warnings of nasties being sent to or through a Bluetooh device, experts are warning that this needs to change. Case in point: the newly discovered Doombot.A, which carries with it CommWarrior.B, which sends itself out using a Symbian smartphone’s Bluetooth transmitter.
Of course, in addition to the fact that the Doombot.A virus and its stowaway CommWarrior.B worm are just plain rude, they can also cost their host money, as many people must pay for messages sent from their phones on a per-message basis.
Explains Doug Conorich, Global Solutions Manager for Managed Security Services at IBM, “The biggest threat that I see right now is that is that Blackberries and PDAs are connected to names and addresses. If somebody devised a virus sent out with a ‘payload pull’ and an ‘address book out’ it could send out messages to all those listed in the address book. At 10 cents a message or more on some of the plans, you can see that that cost to smartphone end-users could add up rather quickly.”
Experts point out that responsibility for the security of a mobile device lies in part with the software publisher. “The software vendors that produce mobile phone operating systems definitely have the responsibility of issuing patches to their products. But this is a totally separate issue from determining who is responsible for protecting smartphone users from a financial standpoint,” points out McAfee Mobile Solutions Senior Vice President Victor Kouznetsov.
|Read Internet Patrol Articles Right in Your Inbox
as Soon as They are Published! Only $1 a Month!
Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
|Or get notified of new Internet Patrol articles for free!
Beyond that, however, is what measures should IT departments take as the workforce is increasingly mobile-enabled? Kouznetsov says that IT departments need to demand that their carriers provide anti-virus and security measures for mobile devices, and recommends that an IT department “would be well advised to contact the operator they are using and standardizing on, and then demand that the operator include the technology and provide it on their handsets, or ask whether the operator will be including it in the future.”
Experts also agree that it is incumbent upon IT departments to establish standard policies and procedures for allowing an employee to connect a mobile device to the enterprise network, or even that the enterprise should standardize and provide the mobile devices to ensure that they conform to standards set by the enterprise.
Drew Carter, a Senior Product Manager, also with McAfee Mobile Solutions, points out that “Mobile devices are often purchased by individuals who also want to access enterprise resources. But does this really make sense? Today the technology is somewhat immature, but as it reaches a higher level of penetration, companies will need to adopt a more sophisticated approach. The other option is for enterprises to provide the mobile devices and set the standards, so if mobile workers want to connect to the network, then they need to buy these devices.”
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!
|Get notified of new Internet Patrol articles!