THE WIRELESS REVOLUTION IS HERE

Executives and professional field forces are spending more time on the road doing business. These mobile professionals must be readily accessible to customers, partners and co-workers. In the past, this required that they carry laptops and use cumbersome and expensive remote access systems such as Virtual Private Networks (VPNs). Today, advances in handheld and network technology mean that laptops are no longer needed for secure wireless access to e-mail and other mission-critical enterprise systems. No longer just a luxury for top executives, mobile technology has become a necessity for field forces. Mobile access to enterprise information systems drives productivity and efficiency. Handheld mobile applications are changing the way that companies, employees and customers conduct business. These technologies can improve business processes in sales, service, marketing and logistics, yielding substantial ROI.

THE SECURITY CHALLENGE

For all the promise of these new technologies, security is the Achilles’ heel of the mobile revolution and must be addressed before the benefits can be fully realized. Surveys of CIOs consistently show that security ranks as their top IT priority, ahead of such concerns as application integration, enterprise resource planning (ERP) and customer relationship management (CRM). Security breaches put companies’ most valuable information at risk—including intellectual property, proprietary business processes and customer data. As a result, CIOs demand stringent security standards to ensure that mobile users are allowed access to key enterprise data only as authorized and that such data are safeguarded both during transmission and while resident on handhelds.

THE ESSENTIAL ELEMENTS OF WIRELESS SECURITY

Maintaining security while providing mobile workers with access to the information they need when and where they need it is complex. Protecting enterprise IT infrastructure requires a deep understanding of the risks associated with mobile applications, handhelds and wireless networks. The move toward wireless data access extends the perimeter of the corporate network and, like earlier innovations, raises many security issues. Compared with behind-the-firewall enterprise systems, wireless handheld computing systems are fundamentally different and involve incremental security risks. To ensure security across the entire system, enterprises must recognize and address risks across the three different links in a wireless handheld computing system:

- Perimeter or firewall security—When a corporation wishes to make enterprise systems like enterprise messaging servers, CRM, ERP or intranet Web pages accessible wirelessly, the first priority is to maintain the security of the internal network. Any programs running inside the firewall must not open avenues of attack from programs running outside. Additional perimeter security considerations include:
  -- Authentication—Each component of a wireless system must be able to prove that it is authorized to communicate on the network. It must not be possible for an attacker to impersonate a handheld or server, thereby misleading authentic services into communicating with it.
  -- Administrative security—Enterprises need to ensure that different administrative tasks are accessible only to the appropriate administrator. For example, only the most senior system administrators may modify system-wide security policies while lower level administrators may provision new users.
- Transmission/Over-the-Air (OTA) security—When internal information is transmitted over the public Internet and/or a wireless network, the data must be protected against interception or “man-in-the-middle” attacks. Data packets can be intercepted and read if unencrypted or weakly encrypted transmission security is employed. The handheld session itself can be hijacked and an unauthorized user can interact with backend systems if transmission and authentication security is not robust.
- Handheld security—Once internal information is received and decrypted for viewing on a handheld, that information must be protected against access by unauthorized users or programs on the handheld. Handheld security must also address corporate requirements to control various functions on the handheld (like use of Wi-Fi, Bluetooth®, cameras, speakers, etc.) as well as provide IT managers with a mechanism to control which applications are used on a handheld.

The Good™ wireless handheld computing system provides end-to-end security across these three critical links. Additionally, the Good System puts security completely in the hands of IT managers and does not require users to set security parameters or make any security decisions. This white paper will outline in detail the security features of the Good System.