BANGALORE: Security concerns are the biggest obstacle to the widespread adoption of wireless and remote computing in businesses worldwide today, according to a global survey by the Economist Intelligence Unit, sponsored by Symantec Corp.
More than 60 per cent of companies are holding back on deployment, citing security concerns. Close to 47 per cent of respondents cite cost and complexity as a major obstacle to deployment. All the while, almost one in five businesses has already experienced financial loss due to attacks via mobile data platforms.
The Economist Intelligence Unit's research highlights serious weaknesses in firms' present security arrangements for mobile devices. While 82 per cent of businesses worldwide, indicate that they see the damage from virus attacks as the same or greater on a mobile network than on a fixed network, only 26 per cent have actually assessed security risks of smart phones, compared with 81 per cent of enterprises conducting security assessments for laptops. Despite the proliferation of mobile device use in the enterprise, only 9 per cent of companies have incorporated a new security architecture designed to include mobile device access. Of the rest, ten per cent of the companies have no measures for addressing mobile security, 39 per cent are granting mobile devices access to corporate networks on an ad hoc basis and another 39 per cent are integrating mobile devices into their existing fixed network security architecture.
"It's prudent for enterprises to gain experience in mobile deployments and security before a serious attack makes it mandatory and time critical," said Paul Miller, director mobile and wireless solutions, Symantec Corporation. "In today's enterprise, there are multiple end points to account for and proper protection cannot be tackled as one-size-fits-all. While most enterprises are aware of the risks introduced with mobility, they continue to lack the appropriate security measures and policies required to protect themselves from potential threats."
The Economist Intelligence Unit, surveyed more than 240 global company executives and conducted a number of in-depth interviews with executives across a range of industries, to explore awareness of security risks associated with the widespread adoption of mobile data solutions. The research also looked at business readiness to respond, should a security threat be realized. Regional responses were aligned on a number of matters, with regional contrast strongest around security risk assessment on specific devices and security software deployment. For example, 55 per cent of Western European businesses have deployed security software to protect mobile data, compared to 44 per cent in Asia-Pacific and just 36 per cent in North America.
"Security is the one particular issue that continues to impede the widespread adoption of mobile computing in the workplace and if it continues to be overlooked there is a danger that some businesses will miss the advantages mobility can bring to their workforces," said Economist Intelligence Unit director of custom research Gareth Lofthouse.
The Symantec Internet Security Threat Report Volume IX, published in March 2006, highlighted that malicious code that targets mobile devices, particularly smart phones, continued to grow through the second half of 2005. The report also highlighted several new examples of malicious code for smart phones including Cardtrp, which was the first cross-platform threat with the ability to affect both Symbian and Windows operating systems. The end of 2005, also saw the emergence of Pbstealer, which is distributed as a file that represents itself as a phone book utility for smart phones, in order to entice a user to download and execute it. Once a device has been compromised by one of these Trojan horses, information such as the user's phonebook, notepad, calendar, and to-do list will be transmitted to Bluetooth-enabled devices that are within range. This may pose a serious breach of confidentiality if a corporate device is compromised in this manner, as sensitive contact information and appointments could be shared. The risks connected with mobile data will increase as larger mobile networks become a more attractive target for cyber-criminals.
"A coherent strategy for mobile security would work towards alleviating the concerns of many enterprises. Companies can begin leveraging mobile technology as a competitive advantage by adding mobile protection to 5 or 10 per cent of their mobile workforce and heeding to best practices. This measured approach will help tremendously in preparing for major deployment," said Miller.