The threat from hackers breaking into corporate networks through always-on GPRS devices is poised to grow exponentially and add millions of pounds to system management costs, industry experts told vnunet.com yesterday.
Uffe Sorensen, chief technology officer at Lotus, said: "There is a very real threat from always on, packet-based services as these are increasingly used to access corporate data, applications and services. One of the biggest risks at the moment is GPRS which will really force this issue."
Ericsson Mobile's manager of strategic business development, Henrik Voigt, agreed that GPRS poses serious risks. "The main challenge now is GPRS connections. They are out there in the public internet. We need to work hard to authenticate users of such services."
According to Sorensen, the only way that corporates can combat the growing problem is by installing complex layers of authentication and re-authentication to ensure that remote users are genuine.
"The danger here is that a company could easily create an environment where users are authenticated once and the connection is open for ever after," he said. "Then, if the mobile device gets stolen or lost, the access is left wide open to anyone. Companies need to re-authenticate people whenever they access sensitive information."
Jose Lopez, research analyst at internet specialist Frost & Sullivan, recommended rolling out one-time password systems for users accessing sensitive corporate data.
"It's much more difficult managing all these mobile devices and it will get worse," he explained. "This has to happen as the number of companies that rely on roaming employees grows. The need is for methods including strong authentication, such as RSA smart cards, used to verify users. But this extra overhead will increase management costs significantly."
This view was echoed by Tarmo Jukarainen, Nokia's senior manager, product marketing and business development, Media Phones & Communicators Digital Convergence Business Unit. "We need to look more at Secure Socket Layer and Wireless Transport Layer Security. Secure ID cards with one time passwords are also very important," he said.
Jukarainen added that physical locks on devices, and passwords that lock users out after specified periods of inactivity, should be employed in conjunction with smart cards.
Jason Conyard, director of wireless strategy at antivirus company Symantec, warned: "Networks allowing connections from PDAs and phones tend to be more packet based than circuit switched. A virus on a PDA or phone could cause a denial of service on an entire network."
"The only way to plan ahead is to tackle challenges in existing infrastructure before worrying about the new stuff," he added. "Then you need to apply the same security techniques to a wireless environment as you would to a wired environment."
PUBG news and updates: November's Update #23 to bring new Skorpion pistol and changes to blue zone visibility
Genuinely useful side-arm coming to PUBG in Update #23
Asda, Morrisons and Tesco in the frame for checkout facial recognition technology
Research opens up new possibilities for structural batteries, where the carbon fibre forms part of the energy system
Another shape could have indicated hard-to-detect particles