Welcome!

PowerBuilder Authors: Chris Pollach, Yeshim Deniz, Jayaram Krishnaswamy, Kevin Benedict, Avi Rosenthal

Related Topics: PowerBuilder, Mobile IoT, Wearables

PowerBuilder: Article

Why Your Wireless Expert Could Be Your Mobility Team MVP

Understand Unsecured Wireless

It may be an unusual angle, but your Enterprise IP Wireless Expert may be your best ally around when it comes to implementing your Mobile Device Security Strategies.  The reason why I think this is that all of smartphone and tablet devices support wireless connectivity, and most data plans provide incentives for users to access the web via IP connectivity rather than the carrier’s network.  Hopefully this makes sense as it reduces airtime charges for users, often with little or no trade-off in performance and flexibility and relieves congestion in the carrier voice network. So it's a Win-Win situaton, right?  Well... what users (and some mobility professionals) might overlook, however, is that a lot of the networks over which Enterprise Mobile Devices might connect to the web are completely unsecured, and that could be very dangerous.



Probably a lot of people remember the outcry when Fire Sheep, the packet sniffing add-on to the Firefox web browser, surfaced.  In a nutshell, Fire Sheep is a free tool that allows someone who knows absolutely nothing about IP protocol, programming, or wireless security to surreptitiously capture data passing over public access wireless networks.  Think opportunistic snoopers, inconspicuously nestled in coffee houses, airports, hotel lobbies and the like. Eric Butler, Fire Sheep’s developer, published the tool to draw attention to the fact that many social media websites were lax about security and expose users who access them in public places to potentially grave risks. Like other ‘ethical hackers’ before him, Butler resorted to publishing his snooping tool only after repeated appeals to the above had produced no security enhancements for users. Butler’s ploy worked. Bad publicity and exposure in the less-than-ethical-hacking world, forced the big social media players to correct security vulnerabilities


The thing is, that the big names in social media and cloud services are very far from being the whole unsecured wireless problem.  In fact, they are only the tip of the iceberg.

The thing to remember is that as mobile devices increasingly become a means of access to web enabled enterprise infrastructure, users can very easily and unknowingly open gaping holes in vulnerable wireless networks.

So meticulously securing the conversations between mobile devices and web enabled infrastructure command and control traffic is of critical importance, because capturing an unsecured wireless conversation is still trivially easy for a determined intruder.  Get the Wireless Expert a big Coffee... it may be a long chat!

Please follow me on Twitter @ithain

More Stories By Ian Thain

As one of the Sybase Technical Evangelists, Ian regularly addresses technical audiences all over the world and his sessions are always very well attended. He also writes education classes, whitepapers, demos and articles for various Sybase products and publishes regularly in Journals such as SYS-CON's PBDJ and International Developer Magazine. He is also the Sybase Unwired Platform & PocketBuilder Evangelist and works closely with the team in Dublin, CA and Concord, MA on new features and demonstrations for the products. In his customer-facing Evangelist role, Ian is very involved with the design, production and testing of Enterprise class Unwired Solutions, that have been implemented using Sybase's Unwired tools for Sybase customers around the globe. In addition, Ian is a dedicated technical expert continually working with Sybase's key partners and clients to enhance the capabilities of the Unwired solutions that Sybase can offer to its customers. Ian can also be found on Twitter @ithain