Messaging Security SchoolDefending mobile devices from viruses, spyware and malware <<previous|next>> :Countdown: Top 5 mobile spyware misconceptions
Handheld and Mobile Device Security Best Practices
Expanding antivirus to include the mobile enterprise
By Sandra Kay Miller
Antivirus is a critical application in today's enterprise network environment. So it comes as no surprise that as smartphones, PDAs and other mobile devices are integrated into standard business practices, there is a dire need to protect them. Mobile devices provide the increasingly crucial ability of allowing knowledge workers to connect to the corporate network, as well as the Internet, but for security professionals that means protecting the devices from emerging mobile viruses, traditional malware such as worms and spyware and mobile-targeted spam, sometimes called SPIM.
According to research firm Gartner Inc., by 2009, 27% of all handsets sold will be smartphones, as compared to less than 3% in 2004. As smartphones and PDAs become more powerful and deliver performance similar to PCs and laptops, it comes as no surprise that malicious code targeting mobile devices is also rising.
Smartphones often begin their foray into the enterprise with the most highly mobile employees purchasing devices themselves and then asking IT to allow them to use their devices for company business. Until there is an all-out decision to standardize within the enterprise, IT ends up trying to find a solution that will support a variety of devices running Symbian, Microsoft, Palm, Linux or BlackBerry operating systems.
Similar to the wired world, mobile malware has a tendency to infect a particular OS. In the wireless world, the platform of choice thus far has been Symbian, which boasts more than 75% of the mobile handset market. As Microsoft gains ground at 17%, most enterprise mobile antivirus products include support for both Symbian and Microsoft OSes. Blackberry devices, popular for enterprise deployments, have yet to see mobile malware.
There are a number of ways to address protecting numerous platforms and devices within the enterprise. The first, although not always the easiest, is to standardize the mobile OS or the device within the organization. Unfortunately, many smartphones and PDAs are "user-provisioned," meaning the users buy first and then demand to synchronize with the corporate network with little (if any) regard for security.
Another way to address heterogeneous mobile devices is to look for mobile antivirus products, as products from a number of vendors are designed to protect multiple OSes.
Deployment & updates
With smartphones and PDAs, which are essentially mini-computers, hooking into corporate networks to access everything from email to CRM applications, enterprises cannot afford to leave these devices vulnerable to malware. However, there is a distinct challenge when it comes to the deployment of mobile security software, especially in enterprises when there could be thousands of disparate devices in a global environment. Even after the software has been installed on the device, IT administrators still need a method for managing updates and accessing logs.
When choosing a mobile antivirus solution, look for how easily the product can assimilate into your existing infrastructure. Unfortunately, enterprise mobile device security products are still fairly new and have yet to become fully integrated into even the industry giants' antivirus suites. For example, even though its mobile product is not part of its suite for licensing purposes, Symantec Corp.'s System Center management console in its AntiVirus product gives administrators enterprise-wide control over all smartphones running the Mobile Security Corporate Edition package.
Yet other products, like Trend Micro Inc.'s Mobile Security, are engineered to work with existing device-management software, such as Akamai Technologies Inc. and iAnywhere Solutions Inc.'s Afaria line. Depending on your organization's existing antivirus implementation, adding mobile protection can range from downloading freely available software for as-needed installs, to taking another chunk out of the security budget for an integrated product that offers centralized control.
Still emerging as a standard enterprise application, many vendors at this time do not include mobile products with their security suite's licenses due to the diversity of coverage.
Once the mobile antivirus product is installed on the device, it is equally important to have access to updates. There are a number of ways in which mobile devices can be updated. The ideal method is through an integrated security console, through which all enterprise antivirus updates would be pushed.
However, mobile devices add an extra dimension beyond the traditional IP network, since there are multiple delivery methods. For example, F-Secure Corp.'s Mobile Security product can automatically update the signature database over an HTTPS data connection, incrementally via SMS messages or in the background via a GPRS connection.
Defense-in-depth is the mantra of any IT security administrator, and mobile devices are no exception. It's not just viruses that cause pain in enterprise mobile device deployments. Spam presents a significant financial liability in the mobile realm. Unlike traditional email spam, when a mobile device receives spam, the cost can be more that just corporate bandwidth and the time it takes to delete it. With cellular carriers charging for each SMS/MMS message time spent online and for data transfers, unwanted messages can rapidly add up to additional costs for the enterprise.
Furthermore, as mobile VoIP technologies gain ground, companies will have to contend with the reality of more than just text spam. Security vendors are already gearing up for the advent of voice spam -- automated calls inexpensively generated using VoIP technologies.
That's why an antivirusV-only product isn't going to make it in today's mobile security enterprise arena. Vendors have realized that addressing requirements for mobile deployment is much more than just porting an existing antivirus product into a mobile environment.
To cover all the bases, look for mobile security solutions that have integrated antispam, antispyware and personal firewall functionalities into their products.
Usability and productivity must be taken into account when choosing an enterprise mobile security solution. Todd Theimann, director of mobile device security for Trend Micro Inc., stresses that mobile security products need to be seamless to the user; otherwise, enterprises run the risk of having users bypass security features by turning them off or performing factory resets on the devices themselves.
Carriers are also recognizing the ubiquitous need for mobile device security and have begun including antivirus and anti-spam in their service contracts. While this helps alleviate the possibility of mobile malware, it is not an overall solution for providing mobile security to enterprise deployments.
About the author:
Sandra Kay Miller is a technical editor for Information Security magazine with 15 years of experience in developing and deploying leading edge technologies throughout the petroleum, manufacturing, luxury resort and software industries, and has been an analyst covering enterprise-class products for 10 years.
25 Jan 2007
Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.