Wireless 411: Gateway to nuisance, higher costs and mobile virus attacks for the enterprise

Wireless 411: Gateway to nuisance, higher costs and mobile virus attacks for the enterprise

Bob Egan's weekly column
October 19, 2004

What's happening?

The current wireless 411 legislation creates a loophole that lets employees "opt-in" to a wireless directory, thus threatening to strip enterprises of control over key business assets while exposing them to higher costs, privacy issues and more security risks.

Our Conclusions

A mobile phones number is the near equivalent of a computer having a fixed IP address. We believe that if an employee "opts-in" (perhaps unknowingly) to a directory service, telecom and IT management may well be stripped of its protective role over business phone numbers.

    Requires Free Membership to View

    Login

    SearchMobileComputing.com members gain immediate and unlimited access to expert guides for mobile deployment, management and security, industry trends, and more-- all at no cost. Join me on SearchMobileComputing.com today!

    Kate Gerwig, Editorial Director

    By submitting your registration information to SearchMobileComputing.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchMobileComputing.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

Meanwhile, mobile viruses and SMS spam are already emerging threats, and we believe that a public directory of wireless phone numbers will make it even easier for spammers and hackers to target individual enterprise wireless users, if not entire companies.

The fundamental assumptions of wireless 411 are flawed in that they apply an outdated wireline white-pages mentality to wireless. The directory initiative ignores key differences not only between wireline and wireless, but between businesses and consumers, too:

  • Unlike wireline desk phones, today's wireless phones are complex devices, with computing power on par with late-'90s laptops.
  • Enterprise wireline phone numbers are hidden and protected by the corporate PBX. But access to wireless phones is controlled by a public cellular network, thus bypassing the enterprise's direct control.
  • A mobile phone number is the DNA of the wireless device itself, determining who uses it and which application and service capabilities exist.
  • Wireless 411 would let employees rather than employers determine whether third parties have access to those devices.

    Action

    To prevent the wireless 411 nightmare from become reality, CIOs and IT managers should immediately do three things:
  • Call your Congressional representatives and get your interests represented. We expect formal Congressional action on wireless 411 after the elections are over.
  • Wireless contracts must include specific privacy covenants. Employees with company-provided phones should be barred from including their information in the wireless 411 directory. Ensure that this limitation is clearly and explicitly outlined in your contract, and demand that your wireless carrier outline how it would block your employees from trying to list their numbers. Enterprise telecom managers should be the only people empowered to decide whether employees' wireless numbers can be publicly distributed.
  • If employees obtain wireless service on their own, company policy should be that reimbursement is contingent on the number not being listed in the wireless 411 directory.

    Discussion

    The key attribute in provisioning a wireless phone is its phone number. With it, one can call the phone, address its short and multimedia messaging services, and e-mail. Several companies have already developed software that uses the number to access the phone's status and software revisions, overall phone capability, operating system type, memory and application sets. Would you give a third party the fixed IP addresses to your desktops and laptops and throw away your enterprise firewalls? That's the equivalent of what happens when a company's wireless number is made public.

    Even the questionable guidelines aimed at protecting consumer privacy do nothing to safeguard enterprise wireless numbers. Nearly five months have passed since we warned that the Cellular Telecommunications & Internet Association's (CTIA) directory threatens to make wireless business numbers public and thus fair game to anyone who calls wireless 411 or the directory itself is hacked. CTIA's president called us after our first research note on this topic, and after a "lively" discussion, he conceded that the needs of the enterprise customer need to be addressed. Action was promised, yet none has been taken, despite our offer to help.

    Time is growing critical as the bills have moved out of Congressional committees. This wireless directory has the potential to combine the anxiety of Internet pop-ups, spam, telemarketer calls and a new level of virus attacks for any person who's listed.


    Bob Egan is president and CEO of Mobile Competency, a Providence, R.I.-based market analyst and consultancy. He can be contacted at bob@mobilecompetency.com or via phone at 401-241-4000.

    This was first published in October 2004

    • Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top