Page 415 - StudyBook.pdf
P. 415
Infrastructure Security: Devices and Media • Chapter 6 399
If the data on servers is especially confidential, such as file stores with financial
or litigation data, it may be necessary to encrypt communications from the server as
well as the data stored on the server itself.This additional layer of protection helps
preserve the confidentiality of the data stored on the system as well as making it
more difficult to break into.At a minimum, it will keep the data from being read by
someone casually sniffing on the network.Again, keep in mind that security threats
come not only from the outside, but also from employees of the company itself.
Mobile Devices
With mobile devices becoming more powerful and functional, they are quickly
becoming the norm for working on the road rather than a full-size laptop. Since
mobile phones and Personal Digital Assistants (PDAs) are now capable of sending and
receiving e-mail, connecting to remote network applications, and browsing the Web,
their use in the corporate world has exploded.They also have the ability to store lim-
ited amounts of data (with the capacity growing all the time) and some mobile
devices even have word processor and spreadsheet applications.This gives their users
the ability to be completely untethered from a full-size workstation or laptop.
With these mobile devices comes more work for the security professional.
Workstations are somewhat vulnerable, but at least they are restricted to being
located at a particular site and can be turned off by an administrator if necessary.
Laptops, while mobile, are slightly more secure than handheld mobile devices,
because they are somewhat inconvenient for end users to carry everywhere or acci-
dentally leave.The areas of vulnerability to focus on with the ultra-compact mobile
devices are those of communications and local data security.
Since many of these devices are able to connect to the Internet, they are
remotely accessible to potential attackers. In addition, as previously mentioned, net-
work applications can be designed to work with mobile devices over the Internet.
The security of these network applications should be ensured by requiring that
communications with mobile devices be encrypted.
More and more mobile devices are being equipped with the ability to use
Bluetooth or 802.11x for wireless communications. Similar to all other wireless
connectivity options, these wireless options provide additional entry points for
intruders into the wireless device. Bluetooth has been used for successful attacks
against mobile devices and will likely be used for more attacks in the future. Being
aware of how a mobile device communicates can help you to ensure that it is as
secure as possible by disabling unused communication methods or applying security
to the communication method appropriately.
www.syngress.com
