Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

Firms fail to tackle mobile security risk
From: InfoSec News <isn () C4I ORG>
Date: Fri, 20 Oct 2000 18:29:49 -0500
http://www.zdnet.co.uk/news/2000/41/ns-18581.html

Fri, 20 Oct 2000 12:03:55 GMT
David Neal, IT Week

Allow remote access? Let temporary workers onto your systems? You
could be leaving yourself open to all sorts of trouble, says survey

Businesses should reassess their security strategies taking into
account modern practices such as working from home and allowing
temporary workers access to company databases, according to new
research.

The survey, Security Risk Management in the Flexible Workplace, was
conducted by BindView, a supplier of risk management solutions. Paul
Silver, director of operations for the UK and Scandinavia, said the
survey highlighted two problems: firms lack the necessary security
procedures to avoid internal and external breaches of security, and
leave themselves wide open by using easily hackable system passwords.

Only 12 percent of the companies questioned had a policy regarding
communications over mobile networks. Twenty-seven percent of
respondents said their employees used notebook PCs remotely at client
business premises while 37 percent said staff worked from home via
remote access to the corporate network. This, said Silver, "opens up
communications to hackers who could access cached user names and
passwords". Other security threats come from employees using notebooks
on public transport - found to be common among half of the companies
polled.

In addition, 53 percent of managers questioned said their IT
department often had no idea where company laptops were. And when
those laptops are in workers' homes, most are lent to friends or
flatmates.

Silver advised that companies should plan an effective strategy and
put security products and procedures in place, but most importantly he
warned, "They need to pass their message on to their workers."

BindView polled 1000 UK companies across all business areas.

What To Do Checklist:

* Choose passwords that are not easily identified or guessed at

* Do not give temporary workers access to sensitive company or
  customer information

* Create a company policy that governs the use of equipment both
  inside and out of the office.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".

  By Date           By Thread  

Current thread:
  • Firms fail to tackle mobile security risk InfoSec News (Oct 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]