- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
CSO - The mobile device, now the dominant technological tool in American enterprise, will become more dominant in 2012 and beyond. Industry analysts say mobile device shipments will top 1 billion in 2015, leaving PC shipments in the dust.
That will bring big benefits, but also big risks.
Its benefits for user convenience and productivity are obvious and irresistible -- a smart phone can handle everything from email to collaboration to video chat. It can serve as your GPS. It can scan product bar codes. It can find and store your favorite songs, help you take high-res photos and HD video and expand both your social and professional network.
But it is not very secure, which puts users and the enterprises that employ them at greater risk.
The combination of relative defenselessness and ubiquity means mobile devices will be an increasingly tempting target for attacks ranging from spyware to rogue applications.
--Also read about one researcher's claim that mobile malware is exaggerated by the vendors
Security experts say the industry is aware of the risks. IBM's IT security research team, X-Force, predicts 33 software exploits targeting mobile devices in 2012. That may sound small, but it is double the number released in the previous 12 months.
Many of the attacks will be coming through the browser, which Anup Ghosh, co-founder and CEO of Invencea, calls, "a terrific attack vector for any malware writer." Ghosh says while each new iteration of browsers has more security built in, "there is no slowdown in the vulnerabilities that each iteration has."
Indeed, the variations of malware -- up to as many as 75,000 per day -- means, "the whole model of detecting attacks and then responding to them is fundamentally broken," Ghosh says.
Get your morning news fix with the daily Salted Hash e-newsletter! Sign up today.
The methods of attack are varied. They can come with attachments to emails, with third-party apps that promise to do something the user wants but end up harvesting personal information, or simply through opportunistic infections from surfing.
Current estimates are that one in 60 Facebook posts and one in 100 tweets contain malware.
Gary McGraw, CTO of Cigital and a co-founder of BSIMM -- the Building Security In Maturity Model -- an organization that helps software developers build security into their products, believes that the awareness of the threats means there will be a lot of effort made to improve security for mobile devices. But, he notes, "This is a very complicated space. A lot of different people are responsible for different parts."
Those involved in the making and using of mobile devices range from carriers like Verizon and AT&T to device manufacturers like HTC to chip manufacturers and those who make operating systems like Google and Apple.
"They're all thinking very seriously about this problem," McGraw says. "But, the business model for mobile commerce hasn't really been laid out. It's hard to make risk management decisions when you're just trying to get ahead of your competitors."