Today in Searchcio.com Shamus McGillicuddy wrote an article "SMARTPHONES EASY TARGET FOR HACKERS, EXPERTS WARN". The article explores the risks from executives who are increasingly using smartphones to access and download sensitive applications and information.
The article quotes Stan Schatt, vice president and research director at ABI Research in Oyster Bay, N.Y. "Schatt said at least 30 forms of malware written specifically to exploit smartphone operating systems have been identified during the past two years. He estimated that as many as 90% of smartphones are exposed and unsecured right now."
The danger is that malware on a smartphone will capture the uid and password authentication most commonly used as a security mechanism. With this the criminals then have access to the applications and information the executive who uses the smartphone.
The answer is to have a layered identity authentication architecture. For general low risk access, continue to use the uid and password. As the executive drills towards sensitive apps and information, use stronger authentication such as one-time password tokens, bimoetrics, voice recognition etc. Then place transaction authentication around the enterprise crown jewels.
If you're not doing this, your enterprise is at high risk of a major security breach.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us