Small laptops pose a big security threat
Ultraportables forgo size, weight, power -- and security.
Computerworld - They're highly portable, inexpensive, very popular -- and a potential security nightmare. Running against the trend of mobile computers featuring progressively larger processors, memory, storage, screens and price tags, ultraportable laptops promise to streamline and simplify their users' lives. Easy to carry, capable of running only a handful of modest applications and affordably priced, ultraportables have emerged over the past year or so to become one of the hottest mobile computing trends.
Pioneered by Taiwanese PC maker Asustek Computer Inc. with its Eee PC and now also available from vendors such as Dell, Hewlett-Packard and Fujitsu, ultraportables are designed to appeal to users who need portable systems with more power and functionality than a smart phone but don't want to lug a conventional laptop through offices, hotels and airports.
"It's a technology with great appeal to many people," observes Gabriel Vitus, IT director at the Certified General Accountants' Association of Canada, a trade organization in Vancouver, British Columbia.
That small package comes with built-in compromises, however. Ultraportables typically feature a processor that lags at least a generation or two behind the CPUs included in traditional laptops, a few gigabytes of solid-state memory and storage, a squeezed-down display and a cramped keyboard. But another characteristic of the new portable pipsqueaks is striking fear into the hearts of a growing number of IT managers: security weaknesses that are directly attributable to the machines' diminished technology.
"This is a threat that IT managers are just beginning to recognize," says Brian Wolfe, a security analyst at Lazarus Technologies Inc., an IT consulting service in Itasca, Ill.
Minimized hardware resources force ultraportables -- and their users -- to cope with weakened system software. Most models ship with a stripped-down Linux operating system or, in some cases, Microsoft Corp.'s previous-generation operating system, Windows XP. Newer and more capable operating systems, which also tend to have the latest internal security safeguards, demand processing and storage power that ultraportables typically lack, Wolfe notes.
Ultraportables' reduced resources also limit their ability to run add-on security software, such as data encryption and anti-malware tools. With processing power, internal memory and storage space all at a premium, it can be difficult -- sometimes impossible -- to squeeze security software onto an ultraportable. "As a result, the machines are often sent out into the world with little or no protection," Wolfe says.
Vendors' use of dated software can also make ultraportables more susceptible to various malware. Earlier this year, for example, Brazilian security firm Rise Security released an alert that showed that old, unpatched Samba code found on the Eee PC allowed the machine to be subverted ("rooted") right out of the box. Such vulnerabilities allow hackers to remotely gain complete control over the systems.
Other key security features are often absent on ultraportables. "Many, if not most, [ultraportables] are sold without Trusted Platform Modules because they are targeted at the consumer market," says Rob Enderle, an analyst at Enderle Group in San Jose. "This means they either don't have encryption solutions or the solutions aren't that robust."
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Infographic: Converged Infrastructure Benefits This Infographic quantifies the savings organizations are realizing from increased deployment speed, higher availability, and lower annual costs.
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
- Going Paperless? Here's What You Need to Think About As makers of some of the world's most popular PDF solutions, we often consult with businesses & governmental agencies that have the goal...
- The Big Data Opportunity for HR and Finance If CEOs, CFOs, CIOs, and CHROs want to drive their businesses forward, they will need to quickly recognize the enormous value of big...
- Redefine Your IT Operations: Remote Office IT Has Never Been Simpler Join us to see why PC Pro named Dell PowerEdge VRTX the "2013 Server of the Year." PowerEdge VRTX may be just what...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to... All Hardware White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!