/vnd/media/agency_attachments/bGjnvN2ncYDdhj74yP9p.png)
Andrew Namboka heads a team that takes care of the technical needs of
customers and channel partners around the Asia-Pacific region. He has more than
15 years of experience in data communications industry. In an interview with
VOICE&DATA, Namboka discusses the state of enterprise wireless security.
Excerpts:
What is the current level of security on mobile networks, both cellular
and WLANs? Is it sufficient to stop unauthorized access to private information
over the network and on the devices?
First, we need to bear in mind the difference between cellular networks and
Wi-Fi networks. Cellular networks are true mobile networks (where you can walk
around while still connected to a phone call, and Wi-Fi hotspots are in fact
static areas (where users have to remain 'fixed' to the hotspot to access a
WLAN). In general, cellular networks such as those of GSM are secure because
they are closed networks. When you make a voice GSM connection with the carrier,
it is difficult for others to tap in without the use of very sophisticated
equipment. Using cellular access to data in corporate networks-i.e., using GSM
for data as you've seen in WAP deployment by carriers-has not been very
successful as the connection is slow and expensive.
|
|
/vnd/media/post_attachments/5a06894f83e3d07fd1bbbbd3d6c59f8e7b722c8ea9e987c1711b6d93c758366f.jpg)
There is the promise of EDGE and 3G, of course, but these are works in
progress and not well tested yet for corporate data and corporate applications.
Only a few markets in APAC have EDGE and we are seeing only the rollout of 3G.
The rise of Wi-Fi hotspots is seen as an alternative to accessing corporate
networks while on the move, either via laptops or WLAN-enabled devices. WLAN has
had issues with security, especially for corporate WLAN deployments (keeping
them open to attacks) and the laptops accessing WLAN hotspots (making the
laptops open to attacks).
What are the technologies available for tackling the problem of security
in mobile networks?
VPN is the most reliable technology to tackle the problem of security in mobile
networks. VPNs are already mobile (Nokia offers IPSec-VPN clients on many of its
Symbian-based devices). Mobile VPNs provide a high level of security for mobile
business users who wish to connect to their corporate network. While
conceptually similar to a remote-access VPN, the mobility of the remote device,
diversity of the underlying network infrastructure, and limited resources of a
mobile phone bring in new challenges.
Mobile VPN is only one part in a corporate security package. Personal
firewall, anti-virus, and local data encryption are other essential components
in an enterprise. More importantly, if users store sensitive information on
devices, then they might also need file encryption on the device. Nokia has a
security function on the Nokia 9500 Communicator and it offers SMS-activated
security.
Do service providers have any role in the security aspect of handsets?
Companies can secure their networks with VPNs for mobile access without any
specific role of a carrier. All carrier networks are secured with carrier-class
firewalls, so IP-based data is not vulnerable in general.
Having said that, carriers do need to perform regular security audits and
proactively implement solutions that counter or suppress any breach of network
security.
How are you geared up to provide security updates to users?
Nokia has been providing IT security solutions that feature automatic security
updates for enterprises and operators for many years now. Nokia's latest IP-VPN
products already offer advance security features that allow over-the-air
provisioning and updates for mobile devices and these products allow network
managers to make zero downtime upgrades.
Nokia continues to address mobile security and device management in a variety
of ways. It is already apparent that device security and its management will
become an increasingly important issue for mobile computing now and in the near
future. Security vendors must be able to offer enhanced and flexible security
solutions, such as the Nokia IPSec-VPN management tool, so that updating
software on the devices can be managed centrally.
What do you think should be done to check mobile spam and mobile viruses?
Mobile spam can be tackled in much the same way as e-mail spam, in that
users should complain to their ISPs when they receive it. Responsible carriers
should offer a similar service to their customers so they're able to report
mobile spam and stop it.
Mobile viruses have just started to show up, but are not prevalent yet. We
have to remain vigilant. Symantec offers AV (anti-virus) solution for mobile
devices. Symbian has also provided an infrastructure that allows network
operators and manufacturers to use application signing, which verifies the
integrity of an application before it can be used on a Symbian handset.
Who is finally accountable for providing mobile security? Is it the
service providers, the handset vendors, or the mobile OS vendors?
Mobile or network security affects everyone, so it shouldn't be the sole
responsibility of service providers, handset manufacturerers, or platform
vendors to be security conscious. Everyone has a role to play. Carriers already
provide the best levels of security at the backend.
Users of mobile handsets should be aware of the hazards of keeping sensitive
information on a mobile device. They should ensure there is adequate level of
security on their devices in case they get lost or stolen.
Handset vendors already offer security for handsets. Users should check the
type of security features on their mobile devices before purchasing.
Also, corporate IT managers must put in place the right security policies for
employees to access their mobile devices. This is an ongoing process and needs
to be examined periodically, and it requires good management of security updates
for devices and network security hardware.
As in the case of desktops, are there virus scans available for handsets?
Symantec Client Security for Nokia Communicator provides integrated firewall
and anti-virus capabilities for Nokia 9500 Communicator, and protects it against
malicious Symbian OS threats such as: viruses, trojans, and worms. F-Secure has
also developed its F-Secure Mobile Anti-Virus software for Symbian 60 handhelds.
What security features are built into Nokia handsets?
Nokia business phones support a broad range of standards-based security
solutions. As we have seen above, the Nokia Mobile VPN Client on the Nokia 9500
Communicator integrates with existing corporate infrastructure and extends the
use of IPSec VPN to the device. Nokia business phones also boast of other
security features such as device lock and secure sockets layer (SSL) encryption
for Web-based applications.
Nokia is actively working with mobility software providers to develop secure
applications for our platform. An interesting example is our collaboration with
Good Technology for mobile e-mail solutions that can be remotely managed and
secured. When a user loses his/her Nokia 9500 Communicator phone, the company's
IT administrator can remotely clean the phone of all sensitive data, then lock
it down to prevent illegal access.