Reducing mobile security risks

Mobility may be a fact of life in just about all enterprises, but that doesn’t mean IT organizations aren’t concerned about its impact on security and compliance. Even as more organizations embrace the use of mobile devices by employees and customers to access services and applications, a new survey indicates that IT professionals are wrestling with heightened security risks - and are looking for help.

The symbiosis of digital and physical security

The challenge of modern security reminds one of the 1955 Stargazers hit, "Close the door – they're coming through the window": as soon as you've stopped one weak point, the challenges appear somewhere else, and the challenge is getting bigger all the time. From home automation systems to major data centers, the situation seems to be the same - you must assure digital security to guarantee physical security and the other way around. A clear symbiosis.

Where did your data go?

A civilian employee of a police department disables warehouse security cameras and steals backup tapes putting identity numbers and the direct-deposit information of 80,000 cops at risk; a leading data broker turns off an electronic security tool that exposes the personal information of more than 13,000 people and brings the company a $275, 000 fine from the US Federal Trade Commission. These are not just nightmare scenarios but recent reports of actual crimes and penalties added regularly to an ongoing data breach chronology posted by the Privacy Rights Clearinghouse.

Weighing the hacking risks

It’s a story that seems worthy of front-page headlines: A hacker exposes a major flaw in the protocol that underlies many of the world’s access control systems, defeating it in minutes with some clever programming and off-the-shelf components. That’s exactly what happened during the DefCon conference in Las Vegas last August, when Zac Franken demonstrated how to attack the widely used Wiegand protocol.