|
Hack2-CompGde-081706.qxd 8/17/06 4:14 PM Page 1
Advanced
Hacking Techniques:
Implications for a
Mobile Workforce
By Daniel V. Hoffman, CISSP, CWNA, CEHAugust, 2006Hack2-CompGde-081706.qxd 8/17/06 4:14 PM Page 2
1
CONTENTS
Introduction 2
The Changing Threat Landscape 3
Step-by-Step Guide: Hacking the 4Mobile Workforce
Security Fundamentals: Rethink Your Security 7Strategy with the Mobile Worker in Mind
Sponsor Perspective: 8Fiberlink: Simple. Secure. Mobility.
DEMONSTRATION
Click here to view the demonstration:"Hacking the Mobile Workforce"
© 2006 Fiberlink Communications, Corp.Hack2-CompGde-081706.qxd 8/17/06 4:14 PM Page 3
2
EXECUTIVE SUMMARY Some interesting market trends also support thissame point:Laptops are being deployed within enterprises at an . By 2008, 75% of the sales and services workforceincreasing rate, mostly because of the flexibility and worldwide will be mobile. (Gartner)convenience they provide employees, and in turn, the . In May 2005, notebook sales accounted for 53% of theproductivity gains they provide for the companies. total U.S. PC market, outpacing desktop sales for thefirst time. (Current Analysis, July 2005)It's impossible to go anywhere today without seeing people working outside the traditional office setting on This shift in employee mobility has created a need totheir laptops - at the local coffee shop, while lounging in redefine the mobile worker. No longer can a mobile workerthe park, standing at their kitchen counters, waiting at be defined solely as a "road warrior," the traveling sales-airport gates, and working in their hotel rooms. Gone are person who spends upwards of 80% of their time on thethe days when road going from airport, to hotel, to customer site, etc. people worked It may also be a teleworker - someone who works 86% of employees in the United States from 9:5 at mainly from their home office and uses either a laptop will be working on laptops by 2007. the office. As or sometimes even a personal PC. In today's business-Gartner Research John Girard environment, a mobile worker can be defined simply stated in a as any user that has been issued a mobile computingreport on 1 device, such as a laptop. Managing the Mobile & Remote Wireless Workforce ,"during recent years, the volume of people working outside With the growth in mobile laptop usage comes a new setthe settings of central offices has risen steadily. No matter of complexities for enterprises trying to make it simplewhere people are physically located, they are usually and seamless for their end-users to connect, while at theinvolved in remote work. Their outputs, collaborations, same time, protecting their network, their assets and themeetings and styles are characterized by interactions reputation of their business.that are electronic, not face-to-face."
In November 2005, a Boeing Co. laptop with personalinformation on 160,000 current and former employeeswas stolen and never recovered.
DEMONSTRATION
Click here to view the demonstration:"Hacking the Mobile Workforce"
© 2006 Fiberlink Communications, Corp.Hack2-CompGde-081706.qxd 8/17/06 4:14 PM Page 4
3
THE CHANGING THREAT LANDSCAPE Although most enterprises are aware of these sophisticatedWeb-based attacks, the threat is as daunting as ever.When it comes to protecting data and devices, many ITprofessionals say that it has become too difficult to keepup. In other words, staying ahead of the security curve isoverwhelming, and many feel like they are not leading, More than 59 million cyberassaults originate in 4but rather responding or reacting. Conversely, there are North America alone in an average 24-hour period.-Consumer Reports, July 2006others that feel like they have it all covered. Their end-users aren't complaining, their executives are happy, theyhaven't experienced any security breaches, and costs areunder control. In our first video analysis, "Real World The Disconnected ThreatSecurity Threats: The Anatomy of a Hack" (12/2005), In a 2005 FBI Computer Crime Survey, US companiesDan Hoffman (Systems Engineer) walked through three alone lost an estimated $67 billion due to computerprimary network-based threats: crimes (e.g., viruses, spyware, PC theft and other computercrimes). This is despite the fact that virtually all of the1. Credentials and data sniffing organizations surv... [download for more]
|
