The recent survey into corporate mobile security from
Decipher shows just how much company-sensitive data is
accessible via company mobile devices. Although it is encouraging
to see businesses arm their employees with the tools to make the
best use of their time away from the office, they also need to be
careful that, in doing so, they also fulfil their duty to care and
protect their employees along with their internal and customer
data, writes Jay Seaton, chief marketing officer at Airwide
Solutions.
Experts have long discussed the
potential threats to mobile devices, but many people assume the
PC security model of software downloads and firewalls is the
answer. With the variety of handsets available, this really isn't
an effective option. Adding to the complexity is the range of
communication methods that can be carried out on a
smart phone - email, SMS, MMS, web and Wap access - and along
with these come a whole host of mobile security threats, such as
mobile spam, viruses and phishing.
Banning smart phones from work is not a viable option either,
because employees will continue to use whatever communications
device they have to make their lives easier, regardless of the
security risk it poses to their employer.
Handset-based solutions are also limited because they protect
only 1% of mobile users. Also, with mobile devices constantly being
upgraded and replaced with higher-specification devices, security
software that is added is often quickly outdated.
The answer lies with the mobile operators, because mobile
security solutions that are deployed on a network level are both
controllable and easily upgraded. Currently, many network operators
voluntarily police potential fraudsters but, as messaging services
continue to grow and become more complex, networks need a
comprehensive range of features, such as anti-spam and
virus-filtering software,
Equipment Identity Register (EIR) systems and blacklisting,
anti-spoofing and anti-flooding technology.
Using a variety of mobile security technologies, including
anti-spam and anti-spoof and next-generation gateways, operators
can detect abnormal patterns in messaging traffic, confirm
legitimate senders, filter content and block suspicious messages.
Filtering content also helps the fight against the spread of
viruses and trojans. Blacklisting enables users to block certain
phone numbers and incoming messages coming from these phones, while
EIR systems have proved very useful in preventing handset
fraud.
By providing corporate organisations with a combination of virus
filters, subscriber controls and individual profiles, operators can
help equip enterprises with the tools they need to protect their
data and reputation.