Trends for 2004: Managing and securing your mobile workforce

Computerworld - We are quickly morphing into a mobile workforce. Users perform day-to-day business from places we never thought possible. Airports, coffee shops, hotels, convention centers and commuter trains have become extensions of the office. Even airplanes are beginning to offer connectivity to passengers, something unheard of only a few months ago.

In short, the Internet and wireless mobile networks have made information access available to users from nearly anywhere.

Mobility can offer huge gains in productivity, so we must embrace and manage it. A study on wireless LAN benefits conducted by NOP World Technology for Cisco Systems and published last month, for example, showed a 27% increase in productivity and an annual savings of almost $14,000 per mobile employee. Moreover, Gartner Inc. predicts that the number of North Americans using WLANs on a frequent basis will grow from 4.2 million in 2003 to more than 31 million in 2007.

Enterprises must be prepared. Wireless networks create another avenue for unwanted parties to access your network. To optimize the value of a mobile workforce, you must mitigate the associated risks.

To accomplish this, there are two key areas to focus on: tracking and managing a broad and growing mix of mobile assets, and protecting data stored on both mobile devices and in the corporate network.

Know your vulnerabilities

We deal with security risks every day. The effects of viruses, worms, Trojan horses and denial-of-service attacks, which can degrade or halt network performance by overwhelming the resources of a host or network device, are well known, and the risk of loss through data theft is very real.

Intrusions come from a variety of sources: internal or external, intentional or accidental, known or unknown. A 2003 security study conducted jointly by the Computer Security Institute and the FBI concluded that 78% of network attacks come through the Internet -- the remote mobile worker's primary method of network entry.

The risk of network infections introduced by nonstandard applications, by misconfiguring standard applications or by not staying up to date with the latest versions in mobile computing devices can't be understated. With the explosion of mobile devices, how do you avoid leaving large holes in an IT network that intruders can exploit?

Accept the fact that your employees will use the new tools on the market. Denial of this or reluctance by management to adapt to new technologies will only drive users underground to hide their rogue software applications, increasing your exposure rather than eliminating it.

Most company leaders I have spoken with agree that, except