Business Daily from THE HINDU group of publications
Monday, Oct 01, 2007
ePaper
Business Daily from THE HINDU group of publications Monday, Oct 01, 2007 ePaper |
|
|
|
|
|
|
|
eWorld
-
Interview Info-Tech - Viruses Connect gadgets - not viruses
Anil Chakravarthy Paromita Pain In a corporate world where various hand-held and desktop devices are increasingly getting synchronised with one another (Unified Communications), thanks to greater employee mobility, increased competition and expansion in terms of office locations, how do you protect one device from getting infected with a virus residing on another? Anil Chakravarthy, Vice-President, India Technical Operations, Symantec Corporation, sheds light on threats and protection in a chat with eWor ld. Excerpts: What are the threats to devices that are synchronised together? Organisations are encouraging the use of communication devices to allow employees to work and play freely in a connected world. Critical business data is being disseminated through wireless networks but enterprises are yet to realise the magnitude of the threat they face. It is imperative to understand how to protect mobile devices and be aware of the tactics cyber criminals use to compromise corporate information. Some threats are: Snoopware is commonly known as spy software used by suspicious parents, spouses or employers. It is gaining popularity amongst hackers as a way to remotely access a smart phone in order to activate the microphone feature and be privy to confidential/private discussions. Such software also gives access to calendars and contact lists on hand-held devices. Pranking4Profit is a new class of attacks intended to steal money (as opposed to data). This type of crime ware uses a RedBrowser (a programme that claims to enable users to send text messages to a premium service at a low cost. If downloaded, it spreads a type of cell-phone Trojan horse that infects mobile phones) to infect the phone and send premium SMS messages from the device to a Web site that withdraws money from a bank or credit account before the user or network realises. Another type of Pranking4Profit attack places a call to a device, begins a conversation, and then drops the call. Once the user returns the call, he/she is connected to a premium number which charges them for the connection. How can these threats be countered? Policies must be put in place to protect both companies and users when they access critical information from mobile devices. In a recent survey, two out of three Smartphone users said they store confidential data or proprietary information on their devices, and one out of two said they don’t have corporate security rules for confidential data on smartphones. Here are some must dos: Adopt a multi-layer security approach to mobile security. Protect mobile devices with antivirus, firewall, anti-SMS spam, and data encryption technologies and install regular security updates.
Encourage employees to be vigilant about personal security, and not leave their hand-held devices out on a café table or in an outside pocket of a purse or backpack, and also guard against pickpockets. Set policies to password-protect hand-helds, ensuring employees use strong passwords and PINs, and change them frequently to make it difficult for thieves to access confidential information. Schedule regular back-ups for hand-helds just as you would for a PC or Mac. Employees should be encouraged to use only secure wireless connections when accessing the corporate network remotely — if you are unable to find one, save important transmissions until you can connect to a secure environment. Disable Bluetooth and wireless signals when they are not in use. Bluetooth headsets should be paired exclusively with one employee’s hand-held device. Teach employees to develop discriminating behaviour toward pop-ups. Employees should not automatically accept download or update requests — especially if they pop up in quick succession. How do you innovate in this area? Symantec’s Endpoint Security Solution allows an enterprise to utilise a single agent and console that includes all of the solutions needed to reduce end-point exposure. This means increased protection control and manageability, it also means that cost, complexities, and exposures are reduced. It provides integrated antivirus, antispyware, firewall, host- and network-based intrusion prevention solutions (IPS), and application and device control in a single solution.
More Stories on : Interview | Viruses | Hardware
Article E-Mail :: Comment :: Syndication :: Printer Friendly Page
|
Stories in this Section |
|
The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription Group Sites: The Hindu | The Hindu ePaper | Business Line | Business Line ePaper | Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |
Copyright © 2007, The
Hindu Business Line. Republication or redissemination of the contents of
this screen are expressly prohibited without the written consent of
The Hindu Business Line
|