Security Worries Hang Up Mobile Plans

A new study from security applications vendor Symantec contends that fears over security for wireless devices and applications is causing enterprise customers to sit on their mobile strategies.

New research indicates that many companies are putting a hold on the introduction of new wireless technologies based on concerns over IT security.

Published by security applications maker Symantec and the research arm of UK-based newsmaker The Economist, the survey contends that the threat of virus attacks, potential flaws in smart phone software and a lack of wireless network access controls have forced many enterprise firms to slow down their adoption of additional mobile applications and devices.

Based on interviews with some 240 companies with international operations, the study found that over 60 percent of the enterprises involved in the survey were currently postponing the introduction of new wireless tools based on such security fears.

Some 47 percent of survey respondents said that the cost and complexity of wireless technologies remains a major obstacle to adoption.

While some security experts have accused IT vendors such as Symantec of hyping up the threat of mobile attacks—with only a few minor viruses having affected popular handhelds compared to the avalanche of PC-oriented malware programs—the survey found that just under 20 percent of those interviewed had already experienced financial loss due to attacks on mobile data platforms.


Ziff Davis Media eSeminars invite: Join us April 13 at 12 p.m. ET to learn how to centralize remote office data in the data center, gain control over the integrity and security of data, and enforce corporate backup policies and ensure data recovery.

The growing problem of insufficient wireless security is only just beginning to gain momentum, but the potential for serious problems down the road is already taking shape, said Paul Miller, director of mobile and wireless solutions at Symantec.

While no "cataclysmic" mobile viruses have emerged yet, he said, waiting for threats to become more sophisticated and damaging is not the smartest way to approach wireless security.

"Were not here to beat the hype drum, but companies need to begin thinking about this and rolling out appropriate policies and technology before we do see a serious problem," said Miller.

"We need for people to learn from the lessons we were exposed to on the desktop instead of repeating mistakes with mobile devices; adoption and security threats tend to grow hand-in-hand, so unless enterprises prepare, we will see a major breakdown when that first big attack arrives."

Since popular mobile phones run on so many different operating systems—unlike the vast majority of PCs, which run on Microsofts Windows OS—it may be another year or even two until such an event occurs, Miller said.

However, hes willing to bet that the fallout from such an attack will be dramatic, as so many companies have not yet addressed wireless security from the top down.

The research also contends that todays wireless attacks are already becoming more sophisticated and damaging than many of yesterdays PC-borne viruses.

Some 82 percent of those companies responding to the survey said that they would rate the impact of mobile viruses as roughly the same, or even worse, than the fallout caused by more traditional IT threats.

A major part of the problem around wireless security remains that many companies have yet to enlist sufficient policies to cover the use and protection of mobile devices, said Miller.

Only 9 percent of respondents to the report said that they have incorporated a security architecture designed to include mobile device access, while 81 percent already have policies in place for the use of laptops and other computers.

Next Page: Smart phones remain vulnerable.