My first mobile phone was bigger than a brick, with no built-in memory, limited availability of services, and poor call quality. Hardly a threat to national security let alone the enterprise. Improved network speeds and more powerful features have combined to transform handsets into devices more like a computer than traditional telephone.
Today’s mobile phones have amazing processing capabilities, on board and removable memory, email clients, text messaging, cameras—and employees as wells as criminals are finding them to be highly effective productivity tools.
And what’s not to love? They organise our lives, keep us connected and informed and provide us with hours of entertainment—music, videos, games, and more. According to one wireless industry group, there are more than 250 million wireless subscribers in the United States.
Mobile phones really do make our lives simpler, don’t they? Well maybe not exactly “simpler” if you are in charge of security at any government agency, financial institution, research and development lab, airport or prison. Their usefulness has not gone unnoticed by terrorists, spies, inside traders, prison inmates, identity thieves, and other criminals.
There are a growing number of instances in which an employee or visitor in a corporate facility, factory, research and development lab or business exposition has photographed sensitive information, prototype products or processes using a cellular phone and sent the data instantly elsewhere.
Mobile phones may be used to circumvent IT policies, such as call recording requirements, or as a remote eavesdropping mechanism in highly classified environments.
Reports point to the illicit use of a cell phone—used to circumvent monitored phones lines—as the main cause of the recent Société Générale breach, which cost the bank almost US$7 billion in losses.
Inmates use contra-band cell phones to conduct illegal activities from within the confines of prison. Terrorists use cell phones to remotely detonate bombs or for other treacherous activities. Beyond security breaches, cell phones can interfere with the proper functioning of equipment in hospitals, airplanes and other highly sensitive environments.
The implications of these new hybrid cell phones in the hands of millions of people have huge security and regulatory implications for many industries. Enterprises are slowly responding to real and potential misuse of mobile phones.
Just over half of members surveyed by the Society for Human Resources Management have written policies addressing the use of standard cell phones. Fewer have written policies for the use of camera phones.
In highly sensitive environments, where policy enforcement and compliance with data security regulations is mission critical, the use cell phone detection technologies are growing in popularity.
Wireless Intrusion Detection and Prevention Solutions (WIDPS) with cellular locationing capabilities can be used to effectively enforce bans on cell phones or monitor their usage—helping to turn the tables on would-be criminals by providing a highly reliable and sophisticated solution for detecting, and more importantly, locating the devices they rely on to perpetrate their crimes.
The capabilities of cell phone detection technologies vary greatly. Depending on your unique environmental and security requirements, here are some considerations that may be important to your organisation:
? Does it detect cellular signals indoor as well as outdoors?
? Can it locate cell phones on all bands with an accuracy of X feet or better?
? Will it track multiple events including when a phone is turned on, call is placed or SMS message is sent?
? What forensic data can be captured and stored? And will the data be sufficient to use as evidence in legal proceedings?
? Does it allow sensors to piggyback onto existing infrastructure without requiring a dedicated network to run?
The reality is – cell phones aren’t just for making emergency calls anymore and as mobile phone evolve, so do the threats they pose to the enterprise.
Phones with built-in cameras and data storage and transfer capabilities introduce new fraud opportunities and threaten the security of proprietary and confidential information. To mitigate these risks, organisations need well-documented cell phone policies and reliable methods of enforcement.
Cell phone detection technologies can give IT departments the upper hand to stop a breach before it occurs and provide law enforcement the evidence they need to prosecute cell phone wielding criminals.
Mobile phone: productivity super hero, IT security Achilles heel
By Nicholas Miller, CEO, AirPatrol on May 14, 2008 3:42PM