SAN DIEGO—Businesses paying for their employee’s wireless service might want to take note: Hackers are using smartphones to scam subscribers and operators out of premium SMS fees.
“Mobile devices are directly connected to payment systems. If you can hack someone’s phone and program that phone to send a premium SMS message every week, you can make money off that phone,” says Aaron Turner, founder of mobile technology risk management firm Integricell. “It’s up to the person to go and reclaim the charge against the carrier, and by that time the hacker is long gone and the carrier has to eat the fee. From the hacker’s perspective, it’s a whole new realm of being able to monetize attacks.”
That’s just one of the issues about mobile security Turner discussed Monday during the pre-conference Enterprise Mobility Boot Camp at this week’s CTIA Enterprise & Applications in San Diego. The event provided a crash course on enterprise mobility, from identifying threats to forming a security strategy.
Turner says that some businesses have their heads in the sand over mobile security.
“Right now we’re still very much in the awareness phase. For some reason, a lot of very smart people think that these smartphones are magically some sort of technology that is immune to security problems,” he says. “In reality, these smartphones are computers that are more powerful than the first- and second-generation laptops that we deployed 10 years ago. With that processing power, it’s very easy to write malware that stays persistent.”
Turner recommends a top-down approach to enterprise security, starting by tackling critical risks before moving on to more minor issues.
Security wasn’t the only subject to get top billing at the event. The Enterprise Mobility Foundation (EMF), which hosted the boot camp, talked about what organizations need to consider when they decide to move forward with mobile technology.
EMF founder and managing director Philippe Winthrop says it’s important to take a holistic view of what mobile technology can do for a business, from changing business processes to its entire go-to-market strategy. The ability to have corporate data and resources at your fingertips can change the way businesses interact with customers, partners, colleagues and prospective clients.
“This is more about the opportunities that mobile opens up than the technology itself,” he says.
Winthrop says businesses need to be prepared to involve more than just their IT departments on a mobile strategy. The technology can touch all parts of an organization – so all parts of the business should get involved, from human resources and legal to finance and operations. Just like desktop computers, businesses need to understand how to bring in new devices, provision them and manage them, from expenses to security.
He concedes that this can be intimidating, but says the technology’s ability to increase productivity gives businesses the incentive they need to move forward with mobile. Winthrop’s goal: “helping organizations regardless of where they are on their mobility journey to take more steps forward.”
Winthrop also talked about how businesses are tackling applications, no easy task when the apps must work across a huge variety of operating systems and devices. For both internal and external apps, businesses need to understand their goals first: What’s the rationale for the app? How have you prioritized your goals?
In addition to the discussions about incorporating mobile into business operations, managing security threats and tackling the apps market, the event also hosted a pitch fest with vendors of enterprise mobility solutions and a panel discussion of real-life experiences deploying mobile technology.
This year’s pre-conference boot camp differed a bit from last year’s event. It was consolidated from one day into one, and the EMF dropped the registration fee.
