Endpoint security extended to smartphones

News Analysis

Endpoint security extended to smartphones

Andrew R. Hickey, Senior News Writer
Protecting laptops with security policies is a given in this day and age, but for many companies, smartphones and other mobile devices are often neglected.

Yesterday, Redwood City, Calif.-based Network Chemistry released the latest version of its RFprotect Endpoint software, which has been enhanced to protect smartphones, as well as notebooks.

Brian de Haaff, Network Chemistry's vice president of product management and marketing, said managers can now use RFprotect Endpoint to centrally manage and set security policies for smartphones, whether they're connected at the office, at home or on the road.

According to a recent study by Gartner Inc., 22% of enterprise workforces use some form of mobile applications. Couple that with the fact that smartphone shipments are expected to increase 66% to roughly 81 million by year's end, and it's clear that wireless and mobile devices are quickly becoming standard and necessary business tools.

Much like laptops, smartphones offer both convenience and connectivity, but they increase the risk of data loss and unauthorized access to corporate resources. Oftentimes, the manufacturer's default settings can create vulnerabilities, jeopardizing network infrastructure and confidential data.

...End users will always select connectivity over security.
Brian de Haaff
Vice President of Product Management and MarketingNetwork Chemistry
De Haaff, who called smartphones "laptop lights," said RFprotect Endpoint offers a single platform to apply policy to laptops and smartphones that run Microsoft's Windows Mobile platform or the Symbian operating systems. De Haaff said Network Chemistry decided on Windows Mobile and Symbian after weighing the various platforms and operating systems to determine their openness.

"How open is the platform to run new applications?" de Haaff said.

End users often ignore or are unaware of the fact that certain behavior is dangerous, and, as de Haaff said, "end users will always select connectivity over security."

Also, companies still struggle with how to manage and enforce policy on hundreds and thousands of enterprise devices.

RFprotect Endpoint enforces wireless security policy outside the enterprise to ensure that data privacy is maintained and compliance regulations are met. It also lets organizations deploy a single network connection policy framework on laptops and smartphones for wired, wireless LAN and wireless broadband connections. RFprotect Endpoint also provides detailed reporting and audition by device based on when, where and what networks were used, which can ensure compliance with industry and government regulations.

Ensuring compliance has become a necessity, too, and according to recent research from the BPM Forum, many companies aren't up to snuff when it comes to mobile compliance.

Adriano Gonzalez, vice president of strategy and programming for the BPM Forum, said the study found that 40% of companies have no security in place to protect against data leakage and fulfill compliance requirements. Of that 40%, 65% said mobile compliance and security are not even on their radar screens. Also, the study found that 37% of respondents are only nominally concerned about mobile device security despite negative publicity associated with mobile security breaches.

According to de Haaff, RFprotect Endpoint can protect mobile devices by allowing enterprises to set policies that allow connections to pre-approved networks only, preventing them from connecting to rogue access points, ad hoc networks and evil-twin attackers. It integrates with Microsoft Active Director for group policy setting and features management support for various wireless technologies, including Wi-Fi, Bluetooth, EVDO, HSDPA and GPRS/EDGE.

For more information
Check out our story on mobile compliance

Read more about Sybase iAnywhere

Learn how mobile viruses hit smartphones
Jack Gold, president and founder of J. Gold Associates, a Northborough, Mass.-based research and advisory firm, said RFprotect Endpoint should be used as a partial security solution to protect smartphones. He said other security vendors, such as Credent and Sybase iAnywhere, offer more complete solutions. RFprotect Endpoint seems to focus solely on what network a device can connect to, Gold said, not what a user does with the data on the device.

"While this is not a trivial issue -- what network and how I connect -- it is equally important to protect the entire device and all its data," he said.

Joe Stocker, manager of network engineering for SunCal Companies, said, however, that the proliferation of smartphones and other mobile devices makes it necessary to protect how those devices connect and to what networks.

"When a smartphone starts becoming an 802.11 client on your network, it gets an IP address, and that can become a security threat," Stocker said. "It certainly has the capability to be just as damaging as a laptop."

SunCal Companies, the largest privately held community developer in the western United States, has roughly 250 wireless devices deployed, many of which are smartphones, Stocker said. He noted that smartphones are an entry point into the network, and keeping them secure is a solid way to manage risk. SunCal Companies use RFprotect Endpoint for laptop security, he said, adding that he hopes to try it out for smartphones soon.

Stocker said that as smartphones have matured and evolved, so have the potential risks they can introduce, making it necessary to set policies to protect them from connecting to the network from non-IT-authorized areas.

"Smartphones are really behind the firewall," he said. "And as these phones evolve and take advantage of corporate networks, you're really going to see companies taking a look at [protecting them]."


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy