http://www.gcn.com/online/vol1_no1/47486-1.html By William Jackson GCN.com 11/03/08 The use of increasingly powerful cell phones and other portable devices as business tools can open an enterprise to a new class of cyber threats, and the National Institute of Standards and Technology has released guidelines for mitigating these risks. Special Publication 800-124 [1], titled "Guidelines on Cell Phone and PDA Security" is an overview of common cell phone and personal digital assistant devices, their associated risks and guidelines for mitigating the risks. The guidelines are not mandatory standards, but are recommendations intended to help users and administrators make informed information technology security decisions on their use. "Cell phones and Personal Digital Assistants (PDAs) have become indispensable tools for today's highly mobile workforce," the publication says. They are being used not only for voice calls, text messages, and managing personal information, but also for many functions that are typically done on a desktop laptop computer, including .sending and receiving electronic mail, browsing the Web, storing and modifying documents, delivering presentations, and remotely accessing data.. The devices also can contain specialized features such as cameras, a Global Positioning System, and small removable-media card slots, and employ a range of wireless interfaces that include infrared, Wi-Fi, Bluetooth, as well as multiple cellular interfaces. Through these features, the devices are increasingly subject to many of the threats common to desktop systems as well as others. The threats include loss or theft; malware infection through tainted storage media or wireless connections; text and voice spam as well as the e-mail variety, which can be used for phishing as well as resulting in charges for inbound messages; electronic eavesdropping through a variety of channels; location tracking; theft of service through cloning; and exposure of sensitive data at the server. [1] http://csrc.nist.gov/publications/nistpubs/800-124/SP800-124.pdf [...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.orgReceived on Mon Nov 03 2008 - 22:18:16 PST
This archive was generated by hypermail 2.2.0 : Mon Nov 03 2008 - 22:31:22 PST