 |
The high visibility of mobile network security issues reflects the complexity of the world we live and work in. The interrelationship of corporate computing networks, the Internet, and an increasingly mobile workforce give security a prominence it didn't have in earlier, simpler times. The good news is that solutions are available.
The corporate perimeter has been extended significantly both by the evolution of telecommuting and by the pervasiveness of Internet usage. The responsibility of those answerable for network security no longer stops at the firewall, but extends far beyond it. The expanded dimension of the corporate identity now means that network administrators and security staffers must struggle with new corporate security issues. Problems such as unapproved application software, unknown home network configurations and attached devices, and unauthorized password and account management practices are rapidly coming to the fore.
The consequences of inadequate mobile network security go beyond issues about the integrity of the network itself. Indeed, they go beyond corporate viability, extending all the way to the development — or lack of development - of new and profitable marketspaces. Concerns about security issues for mobile-enabled networks are, in fact, claimed to
be part of resistance to the full-scale adoption of mobile commerce.
The dream of millions of dollars worth of business being initiated, conceived, collaborated, and executed by a mobile workforce is already a reality to some - but not yet for all. As with e-commerce, security concerns are playing a big part in the evolution of mobile commerce - end users need to be assured that their privacy and the reliability of their transactions will not be compromised.
Some of the issues involved are as simple as the security and availability of wireless handsets and devices. Until recently, authentication on wireless-web access devices was only possible at the server (Class 2) level via wireless transport layer security (WTLS), the mobile equivalent of SSL responsible for encrypting from a mobile device to a WAP gateway. Class 3 authentication, at both the server and client level - which is a prime enabler for viable mobile commerce applications - is only beginning to see widespread use.
Fortunately, business organizations concerned about the security risks involved with letting end users access network resources via wireless devices can now breathe a little more easily. Products that address a number of critical mobile security issues are coming to market.
Among them are enhancements to high-level security management software applications. One example is server software that lets IT staff manage the authentication of end users centrally, ensuring that only appropriate network resources are accessible to them. These new enhancements typically add support for Wireless Access Protocol (WAP) devices in such applications as centralizing the management of cell phones, PDAs and other handheld devices. The enhanced software is designed with the goal of allowing IT staff to avoid having to set up separate, dedicated security systems for wireless net users.
Similarly, other solutions now coming to market address a critical gap in previously available network security solutions. These offer corporate network administrators and managers the first commercially available high-speed security network adapters for mobile PCs. The new connections help protect confidential information, such as intellectual property, financial transactions, human resource records and customer demographics, transmitted across a local area network (LAN). With these new adapters, companies can now implement comprehensive LAN security solutions, enabling mobile PCs, desktop PCs and servers to utilize Internet Protocol Security (IPSec) encryption. IPSec provides up to 168-bit, triple Data Encryption Standard (3DES) protection, one of the world's highest levels of data security.
|
|
|
The consequences of inadequate mobile network security go beyond issues about the integrity
of the network itself.
|
Fortunately, business organizations concerned about the security risks involved with letting end users access network resources via wireless devices can now breathe a little more easily. Products that address a number of critical mobile security issues are coming to market.
|
|
|
