News

  • Home > News

        Report: Bluetooth-enabled PDAs and smartphones pose security risk

        Doug | Date: May 11, 2004 | Comments: 1


        As advances in PDAs and smart cellphones have made them as powerful as desktop computers, employees are purchasing them in greater numbers and connecting them to their employers' computer systems, according to a survey commissioned by Bluefire Security Technologies and conducted by analyst firm TNS NFO.

        Eighty-six percent of employers knowingly permit these employee mobile devices, yet nearly the same number -- 83.6 percent of employers -- have failed to set usage guidelines for these devices, leaving their computer systems vulnerable to malicious code attacks and information theft, the survey found.

        Employees are not any more aware than their employers of the threat their mobile devices pose to computer systems. The survey also found that 74.6 percent of employees that use personal mobile devices either do not have, or do not know whether they have, any security protection on their PDAs or smart phones.

        According to the report, serious risk exists when an employee places a mobile device into an in-office cradle, because the device is recognized by the company network as a trusted user and given clearance to access mission-critical information behind the network security protection. A business competitor could then gain free access to a companys entire database, and a sophisticated hacker could enter a corporate network through the device and use it to plant a computer program that would send information back to the source, undetected for an extended period of time.

        The survey polled users of handheld devices from a weighted sample of Internet-connected households. In addition to the findings regarding the business use of employee handhelds, the study also found that consumers store vulnerable confidential information on their devices:
        • Nearly 40 percent of PDAs and smart phones contain credit card numbers.
        • More than 25 percent store incomes.
        • Approximately 19 percent reveal health problems.
        • Love letters reside on approximately 17 percent of PDAs and smart phones.
        Only 9.5 percent of respondents, however, thought they would be embarrassed if someone stole any of this confidential information and posted it on the Internet.

        "Consumers are clearly storing personal information considered private on their mobile devices, while employees using these devices for business are very likely storing data that their employers would regard as confidential," said Tom Goodman, vice president of operations for Bluefire Security Technologies.


        Related stories: