[ISN] Securing mobile data more important than viruses

InfoSec News isn at c4i.org
Thu Oct 13 00:04:00 EDT 2005


http://www.networkworld.com/news/2005/101205-mobile-data.html

By Nancy Gohring
IDG News Service
10/12/05

Enterprises with workers that can access corporate data from mobile
devices should be less concerned about mobile viruses and more focused
on setting and enforcing rules for securing the data, said speakers at
Symbian's Smartphone Show in London on Tuesday.

Very few real mobile viruses have actually proliferated in the market,
said Morton Graubelle, executive vice president of marketing at Red
Bend Software, a company that offers products that allow over-the-air
installation and management of firmware for mobile devices. Instead,
the companies whipping up fear around mobile viruses are largely
looking after themselves. "We have companies making money out of
scaring people, warning them about viruses," he said.

Industry leaders also blamed mobile operators for the growing concern
over mobile viruses. "I have a sense that there's hysteria from the
operators," said Ben Wood, research vice president for mobile devices
at Gartner.

Geoff Preston, head of marketing technology at Symbian, agreed that
operators are getting "agitated" about the prospect of mobile viruses
and thus are furthering the hype around such potential problems.

Ultimately, these speakers were optimistic that the wireless industry
could continue to aggressively push security in order to stem the
possibility of viruses becoming a real problem in the mobile world.  
"The mobile world should not just follow the PC paradigm by being
reactive. We should be proactive to prevent getting to the point the
PC world is in today," said Preston.

Rather than worrying so much about potential mobile viruses, IT
departments can do a better job of securing data that is stored on
devices. A simple education process for mobile workers can help, said
Chris Atwell, sales director at Extended Systems, a company that
offers software that secures mobile access to corporate data. IT
departments should emphasize that users should keep their devices
locked and use an authentication process to access data. With such
policies in place, workers will begin to recognize that the data
stored or accessible on the phone has value and that may make them
think twice about downloading suspicious files, for example, Atwell
said.

Companies can also deploy platforms that allow them to remotely erase
or kill a device that might be lost or stolen, thus helping to protect
sensitive data from getting into the wrong hands.

Graubelle also stressed that mobile operators can implement device
management platforms that can allow them to revoke applications that
users may download, thus stemming the spread of potentially harmful
viruses. While some operators are beginning to police such downloads,
all have a responsibility to do so, he said.





More information about the ISN mailing list