SME technology special: wireless

Mobile technologies have changed the way that small and medium-sized
businesses operate, boosting productivity, cutting administrative overheads,
improving communications and customer service and supporting flexible working.
But our increasing dependence raises some thorny security issues.

Working holiday

There was a time when going away on holiday was a chance to leave work
behind. Today few of us travel very far without the growing selection of mobile
tools we rely on to keep us connected. ‘Being always in contact with the office
has advantages and disadvantages,’ says Mark Saunders, who is responsible for IT
with 15-partner firm Wilder Coe.

‘It’s definitely empowering, but I’m never really away from my desk.’ Even
so, he adds: ‘I’d rather take my BlackBerry away on holiday and check my emails
a couple of times than come back to face thousands of messages.’

Finance professionals are also slaves to their machines. ‘I rarely leave the
house or the office without my mobile phone and my Treo,’ says Sam Wilson,
finance manager with building supplier Cooper Hill, and he always takes his
laptop to business meetings. ‘I’d rather have it with me and not need it, than
need it and not have it with me,’ he says.

We are now so dependent on mobile technologies that some people couldn’t live
or work without them. ‘We have 350 bodies spread across 14 sites,’ says David
Austin, at Armstrong Watson. As the firm has grown so has the mobility of its
staff. ‘Ten years ago people didn’t move from site to site the way they do now,’
he says.

So mobile access to communications, the corporate network and the information
and systems it contains are vital. ‘People want to be able to work at all
times,’ he adds, ‘so we have to ensure that all of the necessary systems are
available 24/7.’

Mobile access to corporate systems is also important to the efficiency and
effectiveness of the services businesses provide. At Quality Gas Service
Limited, field service engineers are being issued with a personal digital
assistant (PDA) that will link them to the back office and provide a two-way
flow of accurate and up-to-date information.

Remote access

In the past, the engineers have needed to carry around a large amount of
paperwork such as jobs cards, certificates, warning notices and spare parts
requisitions. All of this will be replaced by the PDA. ‘Many of the
time-consuming, day-to-day tasks that are necessary to ensure that engineers get
to the right job will be removed,’ says QGS managing director, Kevin Duddy.
Engineers will be able to use their PDAs to connect with the back office via the
mobile internet and instantly access customer records and other relevant
information.

Because it will be updated in real time to reflect activities in the field,
the system will also provide senior management with the up-to-date information
they need to make better business decisions on the fly. ‘It will give instant
visibility of stock levels,’ says Duddy and once QGS has put all its job records
online, customers will be able to access them via the internet, eliminating both
unnecessary telephone calls and invoices. ‘We expect the system to support our
company as it continues to grow,’ he says.

Careful approach

But if mobile technologies are to bring substantial business benefits,
without creating significant problems, they require careful management –
particularly when it comes to security. We all know a little about the
precautions we should take, such as making a SIM backup of contact details
stored in our mobiles and encrypting sensitive files on our laptops. But remote
access to corporate networks and increased availability of wireless connectivity
is creating new areas of vulnerability.

‘People expect to be able to connect their laptops and use the internet now
no matter where they are,’ says Saunders. ‘So all of our systems are geared
towards supporting you in your work no matter where you are.’ Many Wilder Coe
staff have their own company laptop. The firm’s offices are hot spots so
visitors can plug their laptops in or connect to the internet wirelessly.

Businesses are in such a rush to exploit mobile technology that safety and
security becomes a low priority. But it must be managed carefully and diligently
if we are not to turn a boon into a burden.

SAFETY FIRST

If you give someone remote access to the corporate network or provide
wireless connectivity, you have to be sure that you are adequately protected
against unwanted intruders. ‘We’re concerned about system security, ’says
Saunders.

‘It’s important not to let outsiders have access to your network and to
ensure that only authorised users gain remote access to the corporate network,
’he adds. The firm only gives visitors wireless access to the internet and uses
password controls and special software to tightly control remote access.

Not all organisations are as diligent. Although more organisations are
protecting corporate information by switching on the wired equivalent privacy
encryption found inmost wireless products, a survey team recently managed to
hack 714wireless access points in the City of London alone.

Clearly, businesses need to reconsider their approach to security in this
area.
Organisations must also protect their systems against their own staff. ‘Firms
need to regularly audit their IT networks to ensure that employees have not
installed their own wireless access points, ’says Tim Pickard, regional vice
president with RSA Security.

Spoof hot spots are also a growing concern, so mobile employees need to be
made aware of the threat they represent. ‘By spoofing legitimate wireless
hotspots, criminals can trick people into using their system then record
passwords for corporate networks, credit card entries and financial data,’ warns
Pickard.