Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » 10 tips for mobile security

10 tips for mobile security

by Nikola Strahija on January 4th, 2003 Telecommuters, road warriors and laptop-carrying executives dominate the corporate landscape, increasing demand for remote access to applications and network resources. This presents new security challenges for network administrators as remote and mobile workers’ connections punch holes in network defenses.


It also exposes companies to a major financial risk if the network is infected by the next generation of Code Red- or Nimda-style attacks. To combat these threats, here are the “Top 10” recommendations to effectively manage mobile user security:

1. Scans. Users connecting to the Internet via broadband (through hotel DSL, home cable or airport WLAN) may be subjected to continuous scans by a virtual army of script kiddies. A packet-filtering PC firewall eliminates this risk and is a natural complement to corporate security tools already in place on the network edge.

2. Worms and viruses. Antivirus software cannot be overused. For static desktop computers, performing gateway e-mail virus checks is sufficient, but mobile laptops, accessing Web-enabled e-mail, face new risks. Laptops, without current antivirus signatures installed, risk infection or can contaminate the corporate network once reconnected in the office...... continued.....

3. Lost/stolen laptops. Misplaced laptops are a substantial issue. If the laptop data is valuable, consider some form of disk encryption or tracking software. To protect against a laptop’s use to spoof a network identity, strong authentication is a must. Even with simple tools, discovering a laptop’s logons and passwords is relatively easy. To prevent thieves from gaining authenticated, encrypted access to the network, make sure the virtual private network (VPN) authenticates the user and not just the machine.

4. Denial-of-service launch pad. Zombies (sleeping Trojans), ready to be activated on demand, can turn a laptop into a tool for a distributed denial of service attack, exposing a company to potential liability. Current antivirus signatures are critical, but outbound traffic controls with PC firewalls can choke off all but the most persistent Trojans by blocking the ports they use to propagate.

5. Client/gateway VPN compromise. VPNs perform two security tasks well–encrypting data while in transit, and authenticating both user and laptop to the network. Unfortunately, they also render the laptop a more valuable target since it is a passageway into the network. So keep it simple–no split tunnels, strong user authentication and tough policies for employee misuse.

6. Multiple environments/multiple policies. With mobile users, there is a range of environments to consider in a security policy. With or without a VPN, users may connect to the network directly, through a corporate ISP, or their own ISP. Develop specific guidelines and policies for user location and method of access.

7. Operating systems. Pick a single standard and stick with it. Assemble a good Windows 2000 image, turn off personal Web services (or be vulnerable to Nimda remnants) and other unnecessary services, and stay abreast of patches and service packs.

8. User-managed security. Users cannot manage their own security. If alerted to a security incident, they will either disable the security tool or call the help desk. Enterprise-ready tools allow security to be invisible to users, and leave policy configuration to security or network professionals.

9. Simple policy. The most common security issue is a misconfigured policy. To achieve the best results from security tools, select proven technology with well-known approaches and familiar policy structures. Start off with low impact policies, ones that will not accidentally impede user productivity and get the help desk phones ringing. Update and tighten controls over time until a proven, robust set of rules is developed.

10. To alert or not alert, that is the question. Design security with the support and response infrastructure in mind. What response is needed if a laptop is being scanned on a home ISP connection? Is that data even worth collecting? Keep these hidden operational costs in control with a clear plan for collecting and monitoring data. The best option may be to implement standalone tools (antivirus that quarantines a worm, a PC firewall that automatically blocks ports or attacks) rather than add the burden of 24x7 monitoring and ongoing analysis.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »