Corporate communications are getting out of hand and consequently out of control. Mobiles are so damn convenient to use that people are using them at work, even using their personal mobile for work calls, when there's a company mobile available.So what? Surely companies want their workers to communicate. The problem is that using personal phones for work weakens the control a security manager has over employees. Which can be a good thing, but not when it means that other people have access to that personal handset.Your mobile's bluetooth connection, for example, could be easily hacked. All you need is a laptop, some software and a small directional antenna and you're all set to steal the entire contacts records from anyone's phone."The same can be achieved with an insecure wi-fi connection," says David Ward, senior consultant at
Integralis, "but you won't even need an antenna." Hang on though. Surely that's a lot of trouble to go to in order to sell secrets.In the real world, how do companies gather information about their rivals?How does global software vendor A find out what its closest rival, B, is planning in the next 6 months? How do they gather the information about their channel plans, the number of support people, their marketing strategy and the management structure of their rivals?Do they hack into their rivals data bases? Do they steal smartphone contacts via Bluetooth?Hell no. I can tell you, from personal experience, what they do. They employ people to talk to people in their rival camps. They set up phoney headhunting companies to conduct bogus job interviews, where they ask their rivals "tell me what you do in your current job". They use subterfuge, bribery and deception. In short, they use people. People are the biggest cause of leakage in any company. But it's difficult to make products that tackle humans.It'll be a day to celebrate when Integralis closes that security breach!
This was first published in November 2010