Mobile Hotspots Lack Adequate Corporate Control
Hotspot-enabled smartphones are a boon to mobile workers and a bane to IT managers unless controls are in place, says Cameron Sturdevant
The rogue wireless access point has long been a bogeyman for IT administrators. For years, individuals have rolled their own hotspots by plugging inexpensive consumer networking gear into company networks, causing security and reliability headaches for IT departments.
If that weren’t bad enough, personal hotspot technology has been migrating from being an annoying side effect of the trend toward consumerisation of IT to a checklist item on product road maps, as smartphone makers have been building personal hotspot capabilities into their devices.
Mobile hotspots becoming widespread
What began in 2009 with the Novatel Wireless line of MiFi mobile hotspots has spread to most top-of-the-line smartphone units, with pressure on carriers to match their competitors in offering this feature.
Last spring’s Android 2.2 release brought mobile hotspot functionality to certain smartphones that run the Google-supplied operating system, such as Sprint’s EVO 4G, and Apple iOS-based devices picked up mobile hotspot support with the recent iOS 4.3 update.
These mobile personal hotspots can come in handy for teams looking to sync up and share wireless WAN access at remote locations, and these devices can also extend access to a broader range of devices through the 802.11b/g/n protocol that’s become a sort of lingua franca for mobile devices.
However, mobile hotspot functionality on smartphones presents many of the same problems as do rogue access points. The most obvious of these problems is the security threat posed by a Wi-Fi networking device that can effectively reach the Internet without passing through any of the traditional wired or wireless protections an organisation has in place. Data loss prevention tools depend on seeing all network traffic to do the job. Mobile-hotspot-enabled smartphones make a data thief’s job that much easier.
There are also cost concerns as users make their devices available for use as a Wi-Fi access point. It almost goes without saying that all data going through the device is tallied up on the user’s account. It’s not hard to rack up some hefty download numbers when a smartphone starts sharing Wi-Fi access as if it were a coffee shop.
Protecting corporate data
Further, IT managers must add mobile hotspot management to the “should have” checklist for smartphones with this capability. Aside from setting up the accounts and security settings, some of these mobile devices are independently able to provide GPS location data and can also serve as a file-sharing location for anyone connected to the device. If compliance or corporate rules govern any of these settings on laptops and smartphones, consider now that these some policies must be extended to mobile hotspot systems.
Provisioning is an issue that IT managers should consider when managing hotspot-capable smartphones and mobile hotspot devices such as the Sierra Wireless Overdrive. Most devices come configured to work with the user’s account. Understanding how field replacements for lost or stolen devices works, as well as the type of controls that IT has over the use of lost devices, should be part of the management discussion.
For smartphones, it’s likely that already existing technologies that can lock and wipe lost phones will be enough to control the hotspot technology riding on these devices. This same level of remote control is a safeguard that IT managers should consider for mobile hotspot devices.