Issue link: https://epubs.iltanet.org/i/50188
short order. RBC Capital Markets forecasts that by 2012, 35.1 percent of global handsets (or 504 million units) will be smartphones, largely as a result of an anticipated shift to email messaging, browsing, applications and content. MOBILE INSECURITY Risk is rising on two different fronts in the mobile arena. First, the use of smartphones for business correspondence and other sensitive communications is for the most part unmonitored. This was not a concern when mobile phones were primarily used for voice and personal communications. Now, however, employees at law firms are using their smartphones to send and receive text and email messages and forward files — all activities that used to be managed by desktop functions where security processes are well in hand. But that's simply not the case for mobile communications. Alongside the increased use of smartphones for business communications and advanced functionality is a significant increase in technology that can intercept mobile messaging. There are countless off-the-shelf, publicly available, free software and firmware resources for the hacking community. These perpetrators line their pockets by participating in a highly profitable market that thrives on intercepting confidential information exchanges. It is only made that much easier for them by the vast number of publicly available, unsecured Wi-Fi networks. Even within the law firm walls, managers are challenged by something less malicious, but nevertheless insidious: employees using a wide range of unaccounted-for mobile devices to conduct day- to-day business communications. This is reminiscent of the early days of wireless networks, when staff took to installing their own routers. This rogue activity undermines the traditional centralized IT management approach. If an iPad or BlackBerry is stolen, there's very little an IT manager can do to safeguard the information on it. All of this means that IT managers are facing less control and increased risk. Even if IT can find a way to control a device at the point of origin, it can't police the unprotected Wi-Fi network that a person might be using during their travels, or the devices and/or users to which the information is sent. In addition, if information is sent over a protected network, what network it ends up on at the recipient's end is anyone's guess. This issue definitely came to light when the iPhone and Android came into the picture. In fact, over the last year, growth numbers for the Android platform have outstripped the iPhone, which represents a huge opportunity — and a huge threat. The Android brings an added risk to the equation, since applications can be downloaded from any location, rather than a centrally managed application store. At this point in time, the general assumption is that every phone is potentially a business device and therefore a danger to security. MANAGING THE CHAOS There have been attempts at adopting a device lockdown policy. But this has had little to no effect. Granted, it was easily accomplished when the BlackBerry Enterprise Server was the predominant business platform of choice, because of centrally provisioned data. But with the multiple devices, operating systems, networks and security measures being used www.iltanet.org Tech Potpourri 55