• NextInnovator(at)Live.com
• No spam, subscription newsletters, solicitations, or attachments please!
• Attn: Harold Abraham, Chief Innovator

• TechnologyInnovator
• EnterpriseInnovator
• SecurityInnovator
• WirelessInnovator 

• Over the River
• eMarketer 
• TechnologyPundits
• Security Insights Blog 
• McAfee AudioParasitics
• Strand Consult
• Ovum
• The Eye For Innovation
• Rethink Research
• Innovation Insights
• Innoblog
• Strategy and Innovation
• The Gadgeteer
• Handheld Speech
• Ghost City

• IT Headline News
• Mobile Enterprise Headline News
• Grid & Supercomputing Headline News
• Bio & Life Science Computing Headlines
• Nano-Computing Headline News
• Telecom Headline News
• Network Headline News
• Desktop & Workstation Headline News
• Server Headline News
• Chip Headline News
• OS Headline News
• Storage Headline News
• Enterprise Security Headline News

• SmartPhone Headline News
• PDA Headline News
• 3G Headline News
• Bluetooth Headline News
• WiFi, WiMAX & WAN Headline News
• Tablet Headline News
• Laptop Headline News

• Cyberwarfare Headline News
• Biometrics & Surveillance Headline News
• Terrorism Headline News
• Guerrilla Warfare Headline News
• Nuclear Strategy Headline News
• WMD Headline News

• Solar Energy Headline News
• Wind Energy Headline News
• Fuel Cell Headline News
• Fossil Fuel Headline News
• Hydro Energy Headline News
• Nuclear Energy Headline News

• Bike & Scooter Technology Headlines
• Automotive Technology Headlines
• Train & Trolley Technology Headlines
• Marine Technology Headlines
• Air & Space Technology Headlines

• Speech Interface Headline News
• Telematics Headline News
• Wearable Interface Headline News
• Biometrics Headline News
• Neural Interface Headline News
• A.I. Headline News
• 3D Interface Headline News

 

By 2009, the number of mobile workers in the United States is expected to reach more than 70 percent of the total workforce, according to Mass.-based International Data Corporation (IDC). And businesses must keep that staggering figure in mind when planning for their current and future mobile strategies.

But as businesses draw out productivity from the mobility-driven workforce, it becomes even more imperative to consider the security implications of that remote environment.

Given the trend of increasingly powerful laptops, PDAs, and Smartphones, an unprecedented number of workers are choosing to work wherever and whenever they can, often via an unsecured Internet connection. This compounds the already tough formulation and enforcement of security policies and procedures.

Some business owners have help from regulatory environments that lay out the necessary framework for addressing data security for remote workers. For example, HIPAA (Health Insurance Portability and Accountability Act) established guidelines for security and privacy issues related to health data.

For businesses without this benefit, however, it is critical that managers are aware of the dangers inherent in remote access, as mobile workers access confidential company information from afar. And once aware, managers must take a pro-active approach in protecting their corporate information assets.

Let's first consider how a remote or a mobile worker accesses the Internet. The most readily available and pervasive way in highly trafficked locations is through Wi-Fi hotspots. They are everywhere, from cafes to airports, making it increasingly common to find and connect to a public hotspot.

Yet these hotspots have several vulnerabilities. Many mobile professionals simply use the WEP (Wired Equivalent Privacy) encryption security as the minimal precaution they take to safeguard information when accessing a hotspot.

However, WEP security is no longer adequate, and can now be easily and quickly compromised. To adequately protect information at hotspots, savvy mobile workers should use WPA (Wi-Fi Protected Access) or WPA2.

Another way information can be compromised is by configuring the laptop to ad hoc wireless connections. This is convenient for allowing automatic connections based on existing configuration, but opens the door to hackers. Wi-Fi access is delivered via Access Points (AP), so if it is necessary to use a hotspot, one must err on the side of caution, and use APs only at reputable locations, since APs can also be compromised if not properly maintained.

A safe alternative to accessing public hotspots is to get a broadband wireless access card through a cellular provider. Smartphones or PDAs with data plans can also be used as high-speed data modems to connect to a laptop with the right cables and connection application software, also provided by the wireless provider.

Another safe, though more complicated approach is establishing a VPN (Virtual Private Network) connection, that provides a secure end-to-end tunnel between the remote device and the office server. This lets remote employees access data or files from within the corporate servers.

Although establishing a VPN connection creates a highly secure communication channel, it can be difficult for businesses to understand and setup the necessary technology pieces. That's one reason why VPN remains in the realm of highly technical professionals, or businesses with dedicated IT staff.

Besides securing the transport layer, a remote worker's login can also be secured by implementing two factor authentication. Two factor authentication requires two unique pieces of information (e.g., password in combination with a physical token in your possession) to establish identity and access levels.

However, this highly secure method has not gained widespread popularity for one reason: The implementation of two factor authentication is usually accompanied by high expenses related to installation, maintenance, and inventory tracking of the tokens.

Business owners must protect the information on mobile devices too. One of the easiest, but largely ignored, approaches is to simply encrypt confidential data on the laptop. There are various third party applications that accomplish this, but the process has become easier, with all versions of Microsoft Windows 2000 and above now boasting Encryption File System (EFS).

If EFS is enabled, it stores encrypted data in folders or files on the laptop, yet keeps the information hidden from prying eyes in the event of laptop theft. Similarly, for Smartphones or PDAs, businesses have the option to initiate remote wipe-outs of sensitive data in the event a mobile device becomes compromised.

Managers will benefit from understanding that mobile security is not simply a technical issue. There's an important human element to staying safe in a remote environment.

Care should be taken to let remote workers access information necessary to do their jobs, but not give them more than is required. At this point, corporate applications have not been designed to create such silos of information when it comes to departmental or functional access on a remote basis.

But this will soon change in recognition of growing security concerns. By exposing minimal information to the mobile worker, a business would be taking a pro-active approach in mitigating data loss risk.

It also helps to keep mobile workers educated and updated on basic security applications, including anti-virus and anti-spyware protection; personal firewall for intrusion prevention; and regularly posted security updates for the operating system. This protects the worker and the computer.

In short, business owners must understand that managing security is and will remain a moving target as new threats keep emerging. A disciplined and regularly maintained pro-active approach to mitigating these possible threats is the best way to stay ahead and stay safe.

Harprit Singh is President and CEO of Intellicomm Inc., a communications service provider. Intellicomm is the developer of Innoport (www.Innoport.com) mobility-enhancing unified communications service. For more information, visit: www.intellicomm.com.