The coming together of cloud computing, wireless networking and device evolution have created a “perfect storm” in IT which is redefining the very nature of mobility. Prior to the intersection of these forces, the term mobility was used interchangeably with wireless. I would argue that we’ve never really had the building blocks of true mobility; instead we had devices that allowed us to be portable.

What would happen if the user were to lose the device? All of the data stored on the device would be lost. What if the user wants to carry a second device such as a tablet or notebook? Then the onus would be on the user to continually find a way to synchronise the information between the devices.

This isn’t ideal but is manageable when the user has just a couple of devices, but today workers carry anywhere from 3 to as many as 7 devices. Managing the manual movement of data be-tween many devices will be unreliable at best.

The redefinition of mobility involves mobilising not only the device and the user but the content as well. For example, shifting from a premise based e-mail system to a cloud based solution means that a worker could have the same experience on a mobile phone, tablet, notebook or desktop. Any change made on one device would instantly show up on the other devices. Any content over any network on the device of the users choice. This is made possible by the fusion of device evolution, cloud computing and pervasive wireless. Mobility redefined.

To achieve this level of true mobility, the network needs evolve, adapt and change in order to provide a high quality, secure experience.

To enable this ‘redefined mobility’ the network must provide the following:

To read the original article and more about mobility and the impact within the education sector download the Imerja newsletter, Business Download, or email [email protected] to subscribe to future issues.

Want to win the Information Security game?

There’s an element of luck in any game, but when it comes to securing your IT infrastructure and protecting your information assets, you need to invest in a winning strategy.

Find our more at SOCITM 2011.

Organisations are constantly faced with escalating business demands and an evolving compliance landscape. The costs associated with a data loss or system breach have increased with financial penalties being more frequently imposed by the ICO, FSA and other regulatory agencies.

Growth in mobility and the use of personal devices in the work place has added to the challenge of protecting your business, putting IT teams under pressure to reduce costs and complexity, and achieve more with existing resources. As a result, organisations are looking for an effective solution – one that is more simple, flexible and easier to manage.

As new threats and needs emerge, Check Point’s Software Blade architecture quickly and flexibly extends security services on-demand – without the addition of new hardware or management interfaces. All solutions are centrally managed through a single console that reduces complexity and operational overhead, delivering a lower total cost of ownership, faster return on investment and cost-efficient protection to meet any network security need – today and in the future.

——————–

Thursday 1 December – Innovation – open data and apps

Join our SOCITM discussion table and discover how mobile technology can enhance service delivery and improve citizen engagement.

The discussion will be chaired by Jamie Kirk from the LGA, who recently undertook an international research project into how the US, Canadian and UK governments are using smart phone apps, mobile technology and open data to deliver services and engage with citizens in more effectively.

——————–

To find out how Imerja and Check Point can help you develop a winning strategy to address your information security challenges, reduce cost and improve performance, please visit us on stand S1 at SOCITM 2011, taking place at Birmingham Hilton NEC from 29 Nov to 1 Dec.

Alternatively, contact us on 0844 225 288 or email [email protected].

Imerja’s CTO, Matt Hampton was recently interviewed on 5 Live Drive about the recent article reported in the Guardian on the security risks associated with ‘Evil Twin’ access points. In this blog Matt describes the experience, and provides further insight into the threat and measures which individualsand businesses can take to minimise the potential threat.

- – - – - – - – - -

Tuesday 26 April – afternon. Just got off the phone after Imerja recevied a call from Radio 5 Live to provide expert comment on a breaking story on the use of Evil Twin access points and the impact to smartphone users.

The whole process was quite interesting – being interviewed by a researcher first (I assume to make sure that I was a suitable interview subject)  and then arranging how they were going to call me back shortly for a live broadcast on drive time news. Apparently mobiles are out and landlines are the preference.  This caused a small issue as I was working from home and our house only has a landline to support the Internet connection and is in our lounge which was in use by three small children having their tea!  The compromise was Skype.

In the event everything went fine, but I found there was more I wanted to say that time allowed – so the focus of this post is to expand on the main points during the on air interview; here is what I really wanted to say:

Q – what do you make of this investigation?

Nothing new was found by the investigation – the same issues  have been reported on numerous times - I am aware of reports as far back as January 2005, which was covered by the BBC and was the subject of a BBC Three TV “The Real Hustle” (I can’t confirm the first airing of the episode but Google suggests it may have been as early as January 2007).  It was then covered on BBC Watchdog in October 2009 but with a slightly different slant.

What is new is the prevalence of devices that connect to Wifi networks – including mobile phones – and the fact they will probably configured to automatically connect.  In addition there are now network providers who are shipping mobile pre-provisioned (or are pushing updates to their customers) to automatically use Wifi networks in range.

Q – how do these cloned hotspots work exactly?

I didn’t really get a chance to explain this one – it is quite well explained here on Wikipedia.

To summarise – there are two attack vectors:

1. the device sees a network it recognises (same name) and automatically connects.  It will then try and connect to it’s services (e.g. Email) and most of these will use unencrypted protocols allowing passwords to be collected.
2. the User connects to a “well known” provider and enters credit card details to obtain access when the system is actually harvesting credit card details.

Q – is this a well known problem in the industry?

I think the first question covers this – but the answer is yes.  So much so that CESG issue guidance that Wifi hotspots that require you to authenticate via a captive portal should not be used by (effectively) any public sector worker.

Q – why is there no permanent fix?

This is a question of ease of use versus security.  There are ways of securing the infrastructure however this would require users to take extra configuration steps before using the services.  This in turn will increase the cost of provision.

This issue is down to how the protocol was originally designed – remember that this is the lowest common denominator of connectivity support as various new authentication schemes have been added in response to increasing levels of threat.

Q – what can people do to protect themselves?

As I said in the interview, there is nothing a “normal” user can do at present as most handsets are not capable of verifying the Access Points.  The Guardian article suggest that WiFi should be disabled until you need it as at present the service providers can’t solve this issue.

It should also be noted that Business Users are at risk as well – any unsecured connection (e.g. POP3 or IMAP) could be intercepted and used to access email accounts (note this could happen on any unsecured network whether an Evil Twin or not).  To reduce the risks to the business technology such as those provided by Good Technology and RIMs Blackberry reduce the risk of exposing business information but still expose the user (entering credit card details) to risk.

To be clear – this is a a user education issue and also an industry problem which requires handset/mobile device manufacturers and network providers to work together to build a level of assurance in to their systems.

For more information on the Evil Twin threat and steps you can take to protect yourself from being a victim of data theft please contact Imerja on 0844 225 2888 or email us at [email protected].