Protect Your Network From Smart Phones

We subscribe to a news service called Weave.  It searches the web for tech-related news stories.  Most of these are nothing more than advertisements for new products being released.  But there was a headline recently that grabbed my attention:

“Hackers can control almost all Android phones.”

The article, by Claire Porter of news.com.au, goes on to point out that researchers have discovered a flaw in the code that is used to make Android apps work.  Hackers have been able to exploit this flaw to infect your apps with Trojan viruses.  These can do things like steal any password or financial information on your phone, or move themselves onto any network you connect to.  This flaw affects over 900 million devices.

So, a smart hacker is not going to affect your phone or apps at all.  They are going after the big game, your employer.  They may be able to get a few hundred or thousand from you, but they can potentially get much more from your company.  And don’t think you are immune.  There was a story on our local news a few months back about a pizza restaurant that had been hacked.  The hackers gathered the customers’ credit card numbers and waited more than six months before using them.  60 Minutes did a piece on some former drug dealers in Florida.  They switched to hacking credit card numbers because it is safer and there is less chance of being caught.  One of them admitted to making more in an afternoon hacking than they could make in a month dealing, and there was almost no chance of being shot.

So how do you protect your company from attack when every one of your employees has a cell phone?  You need to develop a strategy on how to allow the employees wireless access, but keep them off your network.  The IT industry calls this a BYOD (bring your own device) policy.

The simplest way to protect yourself is to create a separate network called a guest network.  This will give the employees access to wireless Internet without allowing them to connect with the systems, servers, and information you are trying to protect.  They will have a completely distinct and detached network.  Most routers have the ability to do this easily.

Things get more complicated if you need some of those employees to use the resources of the primary network.  You are going to have to develop a set of standards regarding the antivirus and antimalware programs that you will require.  There must be restrictions on the software loaded on the phone or tablet, and strict enforcement of where the resulting files are stored.

We have seen cases in which the employee must agree to open their devices to a remote wipe if the device is lost or stolen, or if the employee leaves the company.  A disgruntled employee can devastate a business if they are allowed to leave with a tablet or laptop filled with your client information and your company secrets.

Before you just arbitrarily start enforcing a new policy, we recommend getting a group of your employees together and talking with them.  Get their input.  Make them understand the threats and make them partially responsible for your protection.  If they know they are potentially part of the problem, they should be happy to be part of the solution.
