Identifying the risk involved in allowing wireless, portable devices into your company

Defense in depth is a strategy strongly promoted throughout the security community, so to leave a network open at a single point of risk is a situation we all fear and work to avoid. In that context, this paper addresses the risk that small portable devices are leaving our networks open to every day. Personal Digital Assistants (PDAs), mobile phones, portable email devices like the Blackberry (RIM) device are gaining in their power and application. They are mobile and portable and, as such, are brought outside the scope of traditional security measures like firewalls. In an informal study among non-security conscious colleagues, most people admitted keeping passwords or PINs on their PDA, business sensitive information that they would regret falling into the hands of the competition. With the emergence of wireless communications abilities, issues of securing the methods of communication as well as securing the content also emerge. Risk is directly related to the level of threat and vulnerability you face. So what are the threats and vulnerabilities facing us through the medium of portable devices and what can we do to defend ourselves against them?