Painful patching: How to lock down networked devices
Many people don't realize it, but networked non-PC devices, such as personal digital assistants (PDAs), can pose a significant threat to your network's security. Of all the PDAs you see people using in your company, how many of those PDAs does your company own and maintain? People often bring PDAs into the workplace running an out-of-the-box configuration and attach them to the network. Although PDA-based exploits aren't as common as PC-based exploits, there are documented cases, nevertheless, where Trojans were found running on PDAs. Unless you control PDA usage in your company, you could be exposing your network and the data it contains to exploits.
The best way I know to counter such threats is to establish a policy mandating that only PDAs issued by the company are allowed to be connected to the corporate network or to computers belonging to the company. Once you control all of the PDAs used throughout the company, you can focus on patch management.
The link for this article located at SearchSecurity is no longer available.