/* Partykof: Mobile devices - The backdoor to your enterprise - Managing information and Technology */
In this blog, I am summarizing some of my work so far and the issues I'm facing everyday in my work as an IT professional.
You are welcome to follow, comment and share with others. If you want to drop me a private note, send me an e-mail

Wednesday, December 15, 2010

Mobile devices - The backdoor to your enterprise

In the past years, mobile devices and smartphones in particular have presented a new threat to the leakage of information from the organization. The CEO's iPhone was lost and his emails are now exposed to the world, or maybe worse, the Sysadmin's blackberry with some passwords or other important data was stolen. Well, there are many ways that can help you assist minimize the risk by remotely revoking or erasing the device, and I am not going to discuss those.
The huge install base of the iPhone and Android devices is very appealing to hostile entities who wish to penetrate your organization's shield and retrieve information or maybe just damage it. Be it Cybercrime criminal or Cyberwar soldiers, these mobile devices have become their gateway to your fortress, and they are not that protected.
Apple offers the iTunes store where you can download thousands of applications for your iPhone. Are these apps secured, well, some are, and most of them are really harmful, well let's just say for the sake of the discussion they are.
Google offers a huge Market place for Android applications, developed under the umbrella of the open source community, which allows a variety of apps which anyone can develop. Are these apps verified as secured, well they might be, but then again their not really checked, not each and every one.
Let's take a simple scenario where an app is checked and it seems secured. But if someone creates two apps that each on its own, is harmful, but when put together on the same device can become hole for the dropper. The dropper, is a payload carrier for hackers to put any kind of code they wish to hijack your device to their needs.
The problem becomes very clear, when you jailbreak an iPhone, in that case, the jailbreak application or its process can leave a hole for that same purpose. It might be later, when you download a cracked app that you can find on Cydia, or maybe the one you downloaded from a torrent site somewhere, can be this mobile Trojan horse.
The next stage will be for this Trojan to collect your stored credentials to gain access to your corporate network, or maybe to place another dropper that will place a Trojan the minute you plug your iPhone to your computer, and their in.

For now there is no real way to identify a jailbreak iPhone remotely, since Apple cannot keep up with the ones who develop it. Some even say that they are silently dropping the SDK that was used for that, which other companies used to develop product that would block it.
There is not much to do around that except be smart. Here are some tips I could think of that might assist in this situation, at least until someone comes up with a solid solution.

  1. Communicate and educate users about these threats, so they will be aware of the consequences.
  2. Set a policy that allows only iPhones that have not gone through the jailbreak process to be connected to your servers.
  3. Consider using an anti-virus application on your mobile devices. 
  4. Recommend that the iPhone will be used for business purposes only – well, as much as possible.
  5. Enforce password access to unlock  these devices.
  6. Purchase and install certified apps only.
  7. Make sure you can remotely disable and wipe the device in case it was lost or stolen.

I guess there are many more that others could think of. If any comes to your mind, you can leave a comment or maybe send me a note and I will include them.

Be safe.



NJ said...

Infected Android app runs up big texting bills
Hackers up ante by adding more malicious 'features' to legitimate smartphone apps.

NJ said...


Post a Comment