Skip Links

Securing mobile devices requires enterprise and service provider controls

By Jon Kuhn, director of product management, Enterprise Mobility Group, Symantec, special to, special to Network World
June 23, 2011 12:03 PM ET

Network World - This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

Enterprises are adept at securing and managing computing endpoints such as desktop and laptop computers, but most do not have the same controls and processes in place for what is likely the fastest-growing computing platform: smartphones and other smart mobile devices.

Though the amount of malware designed to target mobile devices still pales in comparison to that targeting traditional computing devices, there has been a marked increase in mobile malware and the trend shows no signs of stopping. Combine that with the fact that mobile devices are often lost or stolen, and you get a major enterprise vulnerability.

IN DEPTH: Smartphones and tablets create huge corporate security challenge

To help achieve the necessary levels of security for mobile devices and the sensitive data they access, the mobile industry as a whole must begin shifting toward a complete approach to security and management. This approach should focus on strengthening the security of both the enterprise side -- the endpoints where the data is created, used and stored -- and the service provider side -- the carrier networks through which the devices connect and communicate with corporate backends.

As mobile devices become more sophisticated, provide greater corporate access and store more data, they are becoming a higher-priority target for attackers. As a result, companies need to stop making exceptions for mobile devices and treat them as they would any other endpoint. Using security and management software directly on the devices is key.

By implementing solutions focused on protecting and managing the devices themselves -- much like those used to secure and manage the data on PCs -- enterprises can ensure that mobile devices are not a glaring chink in their otherwise strong IT security armor. The solutions include:

* Mobile device management: It has been said that a well managed device is a secure device. It is imperative that smart mobile devices remain properly configured and managed at all times. IT cannot rely on end users to do this. Mobile device management, or MDM, solutions provide the necessary visibility and control over devices connecting to company networks and resources. By increasing IT efficiency with over-the-air deployment of configurations, applications and updates, management solutions help ensure devices have the required policies and applications and that they are configured correctly and kept up-to-date. This not only ensures security vulnerabilities are not present on the devices, but it improves end-user productivity by managing mobile device health as well.

* Mobile security software: Creative cybercriminals have found ways to exploit smart mobile devices through viruses, Trojans, SMS or email phishing, rogue applications and snoopware (mobile spyware that activates features on a device without the user's knowledge, such as the microphone or camera). It is therefore growing increasingly important to employ the mobile security solutions that provide a barrier against these attacks, similar to their laptop and desktop counterparts. Security solutions that feature network access control capabilities can also help to enforce compliance with security policies and ensure that only secure, policy-compliant devices can access business networks and email servers.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News