Create a free account, or log in

Employee smartphones a network security risk, experts warn

Employees using smartphones to connect to wireless networks at work, and receive corporate data while on the road, could be an easy target for hackers and ruthless competitors, experts warn. The comments come as more employees are using their own handsets in order to connect to a corporate wireless network, creating more risks for IT […]
Patrick Stafford
Patrick Stafford

Employees using smartphones to connect to wireless networks at work, and receive corporate data while on the road, could be an easy target for hackers and ruthless competitors, experts warn.

The comments come as more employees are using their own handsets in order to connect to a corporate wireless network, creating more risks for IT officers and system administrators.

Businesses are increasingly using wireless networks to send data to employee handsets while they are on the job, such as customer and product information. Additionally, workers are connecting to corporate networks to sync calendar dates, email lists and meeting information in order to keep up-to-date with other staff.

But David Cannon, program manager for telecommunications at research firm IDC, says while wireless networks like these provide significant benefits, there are also huge risks if these networks are left unsecured.

“How do you protect yourself from information getting into the wrong hands? From my perspective, if you’re going to use a network like this, you need to be using strict security.”

Cannon says this is becoming more of an issue for businesses as staff demand more sophisticated networks. Originally, he says, only executives were privileged to this type of technology.

“This is really called enterprise mobility. There is demand for this type of data within organisations, because employees want to be able to access different types of email, calendar syncing, and so on. A company could have a main calendar with different information on it, and employees want to access that.”

Ed Curtis, strategic and solutions sales manger from Research In Motion, says businesses need to know exactly what type of data is being used.

“What data are you transmitting? Are you describing different parts you use, if it’s a trade business, or is it credit card details? Are you transmitting customer information, such as phone numbers? Are you happy with transmitting that information?”

“Having access to that data is fine, but you need to know what would happen if a competitor gained access to that. Break-ins to these networks can occur, so you need to make sure the network and employees have passwords on their phones that are secure.”

Curtis says this is an issue most small businesses ignore. If a competitor has access to a handset lost by one of your employees, he says, they could read information that would put them in an advantage.

“Handsets are lost all the time. It’s easy to lose one, and it’s common. That’s why you need security on these networks. It can be as simple as making sure employees are putting a password on their device, and then you need to know what can actually be extracted. For example, can an SD card be removed from the handset with data on it?”

Cannon says this is why it’s important IT departments require employees use only certain types of handsets when accessing the network. Having workers use the same type of phone reduces security risks.

“You can imagine, for example, a plumbing business which would want to push different information out to workers on the job while they are out and about. So now you have potentially dozens of employees accessing wireless data.”

“But what an IT department can do is write up a list of approved phones for employees to use, so you know what you’re dealing with. It reduces the risk because you know how to troubleshoot these handsets immediately if they’re broken or lost.”