Before, we use the Palm Treos, then the Nokia brick phones like the 9300, the 9210 and the 9500. Then it became the O2 XDA units, and then we again upgraded to the Sony Ericsson P900, the P990i and the P1s.
Now, we have the IPhones, the Blackberrys, the new edition Sony Ericsson Xperias, the Nokia E Series. Soon, we have those Google powered and even the Microsoft powered phones.
Yes, these powerful phones are in, and who knows what they can do in the future. They make us feel connected, make us feel high-tech and they make us groovy and hip. They connect us to the world wide web, they carry tons of information, and they are nice to show off while sipping coffee in Starbucks.
But to those people who use these units do not know, they are very much exposed and at risk. Most of them are “network open”, and I am not saying or describing something like putting in SIM cards of any telco here in the Philippines but something like if a user uses these units in an open network, and someone could be putting in a keylogger, or a malicious content over that network, and to that phone.. Or someone, who can get pictures from an open smartphone unit, and posts it on the Internet, without that user knowing that it happens.
Then, that user who knows he is infected brings that smartphone in his workplace, connects to the corporate network, and infects all computers that are also connected into the network, or, that infected smartphone may be the source of information theft.
So how do you, as an IT manager, would tend to limit the risk? It can be done in various ways.
The first, is if possible, is to provide a business wide company policy on the use of smartphones in corporate networks. If it is necessary, block them off the wireless connections via mac address filtering. The users may complain, but with better communication, it will be understood.
The second, is, if the users would really want to use their personal smartphones within the corporate networks is to limit their access. Again, this can be done via web filtering or access filtering.
For those smartphones connecting to corporate emails like blackberries, it is better if the emails are synced off the email servers via IMAP, not via POP, so that copies of the emails are left off the server and the system administration team has some fragments of evidences left within the company’s network environment should forensics be required in the future.
And yes, prohibit desktop or laptop offline synchs to these smartphones. For the threats may be transferred to a computer which is connected to the network. We also recommend that installation of an anti-virus software (which can be downloaded for free) in each of the smartphone.
Smartphones have become a vital tool in our lives. And if they become really vital, then the risks increase.