Mobile Device Security Woes

Great article by Tim Greene on endpoint security (http://www.networkworld.com/news/2010/040110-endpoint-security.html?hpg1=bn).One of Tim’s points was with regard to mobile device security. Large organizations now realize that endpoint security (and management) extends beyond PCs to mobile devices like Blackberrys, Droids, iPhones, iPads (author’s note: just had to get in an iPad reference today), etc.So which security technologies are most important for mobile device protection? According to a recent ESG Research survey, here are the top 5:1. Device encryption (51% of respondents rated this as “very important, 34% rated this as “important”)2. Device firewall (48% of respondents rated this as “very important, 37% rated this as “important”)3. Strong authentication (46% of respondents rated this as “very important, 41% rated this as “important”)4. Antivirus/Anti-spam (45% of respondents rated this as “very important, 37% rated this as “important”)5. Device locking (44% of respondents rated this as “very important, 41% rated this as “important”)Tim also interviewed several organizations looking to manage mobile device and PC/laptop security with common tools and processes. These folks are not alone — 70% of the organizations’ surveyed by ESG said that mobile devices and PC/laptop security is managed by the same group within IT, so it is safe to assume that these folks want to address new security concerns with established tools and processes rather than start over again with new ones. In my humble opinion, mobile device security is one of those areas that should get more attention. My guess is that this topic will remain buried — until a lost or stolen iPhone leads to a visible and costly security breach.