Sergey Nivens - Fotolia

Manage Learn to apply best practices and optimize your operations.

How can mobile broadband modem security be ensured?

Mobile broadband modems are becoming popular vectors for attack. Expert Kevin Beaver outlines how to defend against the threat.

I read that mobile broadband modems are popular vectors for attacks because of their lack of authentication. What alternatives does my company have to using these modems? If we have to use them, what is the best way to ensure security on them?

With the pervasiveness of mobile computing, there's no getting around the need for anytime, anywhere connectivity. These vulnerabilities are a great example of, "If it has a URL or IP address and it's made available on the Internet, then people are going to play with it" -- and exploit it if they can.

And, simply put, if your business depends on mobile devices to connect to the Internet or your internal network, you can't just stop using mobile broadband modems.

I'm confident that most organizations have much bigger security problems on their own network hosts, applications and mobile devices than any cross-site request forgery or DNS poisoning flaws that may or may not be present on their users' mobile broadband modems, but that doesn't mean the issue should be ignored.

Rather than dropping everything you're doing -- like many people in the industry will assert is the best tactic -- I suggest taking a methodical approach to this potential risk and integrating it into your ongoing security assessment program. Be sure your enterprise asks itself:

  • What mobile broadband modems are employees using?
  • Are they known to be vulnerable?
  • What are the vulnerabilities?
  • How can they be exploited?
  • What information, people, and processes are ultimately at risk?

By taking this approach, you'll likely find that the sky is not falling after all. But perhaps, if the problems are bad enough, you can justify changing your standard and policy on which mobile broadband modems can be used. There may even be patches that can be applied. Every situation will be different; however, locking down your endpoints with personal firewall software and advanced malware protection, as well as requiring VPN connections for all Internet access, is a great start. As for alternatives to actual modems, that's a question for your organization's cable provider. Alternatively, you could switch to a different technology altogether such as business DSL, T1, etc. That said, you may not want to go backwards in time by using these technologies, or they may be out of your budget altogether.

Ask the Expert!
Want to ask Kevin Beaver a question about network security? Submit your question now via email! (All questions are anonymous.

Next Steps

Learn more about keeping mobile workers connected and ensuring mobile employee productivity

This was last published in March 2015

Dig Deeper on BYOD and mobile device security best practices