World Telecommunication Day 1999 |
By the end of 2005, around 500 million mobile terminals will be in use around the world, each of which poses a serious potential threat to public and private fixed and mobile networks.
According to ''Clear and Present Danger: Smart Phones Get Too Smart,'' a report published in May by Gartner Group Inc. of Stamford, Conn., ''Virus attacks on e-mail systems and servers already cause networks to crash. We expect chaos will reign in the not too distant future when remedial action must include cellphones and personal digital assistants (PDAs), not just networks.''
As if this were not scary enough, the report continues: ''By 2005, at least 10 percent of the attacks on Fortune 2000 enterprises' networks will be caused by an infected mobile device spreading hostile code. By 2004, at least one major wireless carrier on each continent will be attacked, causing its network to shut down until remedial action is taken to stop the spread of an infection within its network, billing systems and customer devices.''
Dangers within and without
According to Gartner, many of the problems will arise because individuals will buy their own mobile terminals and use them for personal and business purposes. The corporate information systems manager will probably not even know of the existence of devices that are being used to gain entry to the corporate infrastructure ''through the front door.''
Others are more sanguine about the situation. Marcus Otto is European product marketing manager for Palm Computing Inc., a subsidiary of 3Com Corp. Its Palm Pilot holds 72 percent of the non-phone handheld mobile device market worldwide. There are around 4 million Palm Pilots in use at the moment. Mr. Otto says that as yet, there has not been a single virus on the Palm operating system, even though there are approximately 17,000 software developers working with it to develop new applications.
Mr. Otto adds: ''We have yet to see viruses that can jump platforms - that is, for example, from Windows to Unix or vice versa - so even if you plug your Palm Pilot into the corporate network, there would be no exchange of corrupted e-mail or data.''
Alan Stanley is managing director of the London-based Information Security Forum, which has just published a guide on securing remote access by personnel. He says such access is ''a fiercely complex process'' and that each of the 12 stages in the process identified in the report can have security built into them.
''When looking at security risks,'' Mr. Stanley continues, ''human error, ignorance and negligence play a big role; we need to concentrate on managing mistakes as well as malice. For example, most mobile devices have a security lock on them so that if the device is lost or stolen, the information it contains cannot be accessed. Unfortunately, most people tend to leave it on the default setting, which is normally something like 1234 or 4444, so that it can be easily overcome.
''Through a combination of education, discipline and clearly set procedures, as well as putting appropriate checks and precautions in place, such as firewalls, encryption keys and preset PINs - there is no need for any business to be held for ransom. The biggest mistake an enterprise could make is to ignore the threat.''
Use your password
David Matthews, group manager of PC products for Compaq Computer Corp. in Richmond, England, agrees: ''Security features are already dealt with routinely when a company issues a member of staff with a laptop. This can include passwords, the configuration and encryption, which means that unauthorized items cannot be added to the laptop or downloaded.
''In the future, I would expect encryption to be used heavily on mobile networks to obviate eavesdropping.''
He also points out that security has been given a high priority in Windows 2000, Microsoft Corp.'s forthcoming operating system for corporate computing. Microsoft has been severely criticized by many in the industry for the ease with which its software can be used, wittingly or unwittingly, to spread viruses.
Somewhat comforting is the fact that companies that are currently working on the next generation of mobile devices - which will vary from straightforward phones to network computers that can also handle voice - are acutely conscious of the potential problems.
Michael Stocks, chairman of the GSM Association, says: ''We are putting a lot of effort into the matter now rather than waiting until it's a big problem - an approach that has been a hallmark of GSM from the start.''
Annie Turner