Bluetooth leaves information vulnerable and should not be used in the corporate arena, delegates attending the annual Information Systems Audit and Control Association (ISACA) conference heard this week.
Barry Lewis, president of Canadian IT security consulting company Cerberus ISC, believes Bluetooth is not enterprise-ready technology and should be left out of business completely.
He says wireless is just like radio signal and is available to anyone who wants to access it. "Bluetooth is especially easy to access as it has no security built around it. Organisational policies should ban it," he said.
"Bluetooth cannot be controlled - people will still use it, regardless of policies," said Frank Rizzo, partner, information risk management at KPMG.
If Bluetooth-enabled phones must be used, Lewis cautioned that confidential data should not be stored on it. He said regardless of the fact that Bluetooth is said to have a short signal range, users should not see that as guaranteed security.
"It may be illegal to intercept communications in this way, but people will still do it until they get caught," he said.
Lewis also spoke about the arrival of mobile viruses, which are already being researched and prepared for by anti-virus vendors.
Share
