(IJCSIS) International Journal of Computer Science and Information Security, Vol. 9 No. 3, March 2011
knowledge workers to access their networks when they are travelling or from home offices and at the same time they offer storage and processing capabilities similar to, or even better than desktops.

The shift toward mobile computing is associated with a new set of vulnerabilities for information systems. Mobile laptops are considered by most organizations as the greatest security threat and the most difficult to maintain. A survey published in 2006 indicated that in 27 percent of the cases, it took longer than 10 days to deploy critical patches to mobile laptops. A timely and efficient response to laptop vulnerabilities must be a major concern for organizations and their system administrators.

Mobile computing vulnerabilities can be classified into three major categories: physical vulnerability, system vulnerability, and network access vulnerability. A brief discussion of those categories is provided below along with a suggested course of actions.
Laptops are mobile computers and they travel with their owners or users. There is a greater chance for laptops to be lost or stolen in airports, hotels, and meeting auditoriums. Physical vulnerability is not only associated with the loss of hardware; it is also associated with the loss of valuable data and sensitive information. Another form of physical vulnerability occurs when laptops are left open and unattended, which leads to exposure to sensitive information and documents and the ability for network access.

System administrators must continuously raise awareness about the importance of physical security and remind laptop users of consequences of this vulnerability. In some cases, it is necessary to secure the rooms or offices where the laptop is located and other times it is necessary to fasten the laptop to a non-movable object.
Laptop computer systems are as vulnerable as any other computer system in the organization. A recent survey on laptop vulnerability assessment indicates that the most significant types of vulnerabilities are missing security patches and updates, misapplied and outdated patches, outdated virus and spyware definition files, configuration weaknesses that create exposures, and missing or deficient security applications, topologies and processes. Remote laptops can be physically accessed more easily than desktops. As such, non-secure laptop systems pose greater vulnerability than desktop systems.

System administrators must prepare a schedule of updates for security patches, antivirus programs, and other security programs. It is very important to follow the schedule and allow users to update their systems as soon as a new update becomes available.
Network Access Vulnerability
The need to access LAN and WLAN using mobile laptops creates the single most significant set of vulnerabilities for the organizational cyberspace. Laptops are used to provide e-mail access, Internet access, and file transfer protocol (FTP) access. Such actions create an environment for opening potentially harmful attachments, allowing potential unauthorized access to important files, potential for sniffing, session hijacking, IP address spoofing, and denial of service attacks. In general, using a laptop to access a WLAN is more susceptible to attacks because WLAN includes both the organization’s internal network and the general public network segments. For example, WLANs can be susceptible to attacks such as traffic analysis, eavesdropping, brute force attack, renegade access points, and masquerading attacks.

System administrators and laptop users can address network access vulnerabilities through several courses of action. They can formulate and implement network access security policies, require periodic change of login information and enforce a policy for strong passwords, clearly define user privileges (read, write, delete) and user access, and enforce secure setting access and avoid access from open networks.

III.
The identification of physical, system, and network access vulnerabilities allows the system administrator to prepare a course of action to address these vulnerabilities. It is very important that a continuous improvement plan is in place and vulnerabilities are dealt with in a timely manner and preferably before a threat occurs. Such an approach requires that the security perspective is shifted from technical to managerial. The main goal of addressing vulnerabilities will be to improve business resiliency and continuity.
Managing Vulnerabilities: No Present Threat
System administrators must continuously work to reduce the number of vulnerabilities present at any time during normal business operations. Even when there is no immediate threat, a systematic, process-based, proactive approach must be followed. This approach has three major steps:

1. Identify present vulnerabilities in the IT security area
2. Rate vulnerabilities based on the potential damage and likelihood of attack
3. Address vulnerabilities with specific course of action
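The three steps above, applied to laptop checks drawn from the vulnerabilities this paper lists, as an added example that is not from the paper. The inventory records, field names, thresholds and damage/likelihood scores are all assumptions made for illustration; only the 10-day patch window echoes the survey figure cited earlier.

```python
from datetime import date

# Constructed laptop inventory (not from the paper); field names are assumptions.
LAPTOPS = [
    {"host": "lt-001", "patch_released": date(2011, 2, 1), "patched": False,
     "av_defs": date(2011, 1, 5), "pw_changed": date(2010, 6, 1), "open_wlan": True},
    {"host": "lt-002", "patch_released": date(2011, 2, 20), "patched": True,
     "av_defs": date(2011, 2, 27), "pw_changed": date(2011, 1, 15), "open_wlan": False},
    {"host": "lt-003", "patch_released": date(2011, 2, 25), "patched": False,
     "av_defs": date(2011, 2, 10), "pw_changed": date(2011, 2, 1), "open_wlan": False},
]

def age(d, today):
    """Days elapsed between a recorded date and the audit date."""
    return (today - d).days

# Assumed rules: (vulnerability, check, damage 1-3, likelihood 1-3, course of action).
# Thresholds and scores are illustrative; the paper does not specify them.
RULES = [
    ("missing critical patch",
     lambda r, t: not r["patched"] and age(r["patch_released"], t) > 10,
     3, 3, "apply the patch under the update schedule"),
    ("outdated virus definitions",
     lambda r, t: age(r["av_defs"], t) > 7,
     2, 3, "update definition files"),
    ("stale login information",
     lambda r, t: age(r["pw_changed"], t) > 90,
     2, 2, "require a password change"),
    ("open network access",
     lambda r, t: r["open_wlan"],
     3, 2, "block access from open networks"),
]

def identify(laptops, today):
    """Step 1: list every (host, rule) pair whose check fires."""
    return [(r["host"], rule) for r in laptops for rule in RULES if rule[1](r, today)]

def rate(findings):
    """Step 2: score each finding as damage x likelihood."""
    return [{"host": h, "vuln": n, "score": dmg * lik, "action": act}
            for h, (n, _, dmg, lik, act) in findings]

def plan(laptops, today):
    """Step 3: order the courses of action, highest score first."""
    return sorted(rate(identify(laptops, today)),
                  key=lambda f: (-f["score"], f["host"], f["vuln"]))

if __name__ == "__main__":
    for f in plan(LAPTOPS, date(2011, 3, 1)):
        print(f"{f['score']:>2}  {f['host']}  {f['vuln']}: {f['action']}")
```
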
Identification of Vulnerabilities
During normal business operations of the organizational cyberspace, when there is no threat to the system, system administrators must evaluate potential vulnerabilities of the system and among them, vulnerabilities of laptop computers and their access to the organizational network. The literature review and practical experience have identified a series of vulnerabilities for any particular information system. Reference suggests a series of vulnerability categories related to network access as shown in the first column of Table I.

System administrators must identify what vulnerabilities from the above list are present in his or her network. For those vulnerabilities which are present the administrator must specify
http://sites.google.com/site/ijcsis/ ISSN 1947-5500