BlackBerrys pose security threat to businesses
News Article - Wednesday, March 12, 2008 11:15
Filed under: IT Security & Business Continuity
|
 |
Many BlackBerry's may be providing hackers with an easy access to sensitive information by using the Enterprise Server according to one testing firm.
Most customers using the BlackBerry Server with Microsoft Exchange were found to be opening unencrypted ports from their network to service providers, according to the penetration testing consultancy NTA Monitor.
Companies are being urged to configure the devices and lock them down to reduce a risk to their IT security.
Roy Hills, a technical director at NTA said that to prevent session hijacking, IP spoofing or the interception of data companies are advised to create a "demilitarised zone".
"If the BES [BlackBerry Enterprise Server] router gets compromised, the demilitarised zone will ensure that there is no direct access to the local area network," he added.
Mr Hills emphasised that the solution will be different for each company: "But it's that flexibility that allows [BlackBerry devices] to exist within whatever the existing IT framework is for securing network systems and services that's built into the platform."
In addition the NTA recomends turning off the Bluetooth function altogether to protect information.
Use of the BlackBerry device has created controversy in India where the government is looking to work out a system whereby it can legally intercept emails sent from phone.
|
 |
|
|
|
|
|
|
View All IT Security & Business Continuity News |
