As security experts from around the globe get ready to descend on San Francisco next week for the RSA Conference 2011, mobile security is sure to be top of mind.
With the proliferation of mobile computing devices, security experts have been saying that it's only a matter of time before these devices start to be compromised on a large-scale basis. The only thing holding back the tide of malware at this point is simply the fact that it's not economical enough yet for distributors of malware to target a specific platform. But the odds are good that there will soon be more than enough Apple iPhone and iPad devices out there to make for a tempting target. And not too long after that, the Google Android operating system will be next up on the list.
The reason that this is going to be problematic for most IT organizations is that end users own most of these devices, so it's not like the IT department can tell them what sites not to visit. That creates a high probability that malware payloads hidden in any number of websites will eventually infect these devices.
To help address this issue, Symantec this week rolled out Norton DNS 1.5, which gives users of mobile computing devices basic anti-malware, anti-spyware and anti-phishing capabilities. The company also released an update to its Norton Mobile Security that adds support for Google Android devices. Users can use Norton Mobile Security to remotely locate a missing device and lock down access or wipe it clean of data. Finally, there's a beta offering of Norton Mobile Utilities for Google Android that allows users to better manage application downloads and stay within the limits of their plans.
While IT organizations tend to view Norton products as consumer offerings, in many cases, Norton products will be the most affordable first line of defense given the fact that the mobile computing device is directly owned by the employee. So in most cases, all an IT organization can really do is suggest that the employee download some type of mobile security software. There are a few that can obviously mandate that end users deploy some officially sanctioned mobile security software, but most IT organizations' security policies have not yet caught up with the explosion of mobile security devices.
Con Mallon, Symantec's consumer director of regional product marketing for EMEA, says that it's still early days when it comes to security breaches on mobile computing devices. However, he adds that it's almost a certainty that before the year is out mobile security will show itself to be a much bigger corporate problem than most companies have bargained for.