The threat of hackers and virus pushers is growing in relation to the power of mobile devices, the growth of e-commerce, and the rising value of the information transmitted through the air.
That's the main point of this TowerGroup release. Much of this has been said before, though the TowerGroup does a good job of encapsulating a lot of helpful information. From our perspective, the most interesting element of the release is the assessment that mobile commerce applications from the financial services industry do not adequately focus on the state of mobile security.
Our take is pretty simple: If the financial services industry hasn't gotten the message yet, what will it take? We've said before that the loss of devices -- laptops with entire databases brimming with customer data and less noted but still damaging losses of cell phones and PDAs -- must be confronted head-on.
What's remarkable is the anecdotal evidence that corporate decision makers, at least in some cases, don't seem to agree. Regulatory compliance and legal requirements that are deeply intertwined with security make it even more curious that more corporate attention apparently isn't being paid.
If this is so -- and we have no way to truly know if it is -- perhaps the disconnect is rooted in a naive assumption on IT's (and our) part that the loss of data and subsequent fines, bad press and lawsuits are enough to change corporate culture. But, perhaps, buried somewhere in enough accounting executives' Excel spreadsheets, there are figures bolstering the rationale for bypassing safeguards.
Ironically, the assessment that corporate safeguards are inadequate barely is mentioned in this release. But the implications are huge. It seems clear that enterprises must make a "C-level" decision about their overall relationship to mobility. A key commitment within that decision is the funding and latitude that will be given to protecting the data.
This all seems so obvious that it's unsettling that it apparently is not getting done more quickly. If it isn't, observers must question whether the reasons are rooted in unintentional corporate inertia or premeditated benign neglect.