Check out our previous article

Protection for Every Endpoint

Introduction

Given today’s increasingly volatile threat landscape, organizations know they need to take a more holistic approach to protecting their endpoints. Generally this has meant applying security technologies to their laptops, desktops, and servers. But today’s workforce is increasingly mobile, and that means more and more workers are using a wide range of mobile devices to access corporate data over insecure public and home networks.

From an endpoint security perspective, this development has profound implications. As mobile technologies mature and grow increasingly sophisticated, organizations would do well to ask themselves a simple question: are today’s smartphones being used more as a phone or a computer? Read on to learn why it’s essential that smartphones be safeguarded with the same security and data protection capabilities as other corporate computing devices.

The next battleground

While it’s true that the threats to smartphones are relatively rare compared to those targeting PCs, Symantec sees these devices as the next destination of hackers. In fact, the most recent edition of the Symantec Internet Security Threat Report found that threats such as spam and phishing are increasingly “going mobile.” It’s not hard to see why.

Users of mobile devices typically perceive messages received by SMS (short messaging service) as being more personal than those received by email on a desktop computer. And, since the threats against these devices thus far have been rare, users are more likely to trust those messages and to act on them. For example, last May saw the arrival of MobileSpy, a spyware application that logs SMS message and phone data and sends the gathered information to a remote attacker.

A 2007 study commissioned by the National Cyber Security Alliance and Cisco appears to bear that out. The study was based on interviews with 700 mobile workers in the United States, United Kingdom, Germany, China, India, South Korea, and Singapore. Among the findings: 73% of the mobile workers said they aren’t always aware of security threats and best practices when working on the go, and nearly 30% of them admitted that they “hardly ever” consider security risks and proper behavior.

Some industry observers have gone so far as to say that a "perfect storm" is brewing in the area of mobile security as a result of a number of key factors:

• Adoption rates for smartphones are on the rise. Researchers at Gartner predict that, sometime this year, smartphones will outship PCs. Fellow researcher IDC, meanwhile, reports that by 2009 the number of mobile workers in the United States will account for more than 70% of the country's total workforce.
• The technical capabilities of smartphones are catching up to PCs at a rapid rate. Email, instant messaging, online banking, online shopping, and Web surfing are all possible.
• Research from Symantec’s Global Intelligence Network shows that, since 2004, the number of threats targeting smart devices has doubled every six months.
• Symantec has observed viruses spread on smartphones in a variety of ways: Internet downloads, MMS (multimedia messaging service) attachments, and Bluetooth transfers. They also show up as game downloads, updates to the phone’s system, ring tones, or alerts. The latest and most sophisticated threats are known as “Pranking4Profit,” and they do things like redirect calls to a different carrier in another country.

View our previous issues

• Spyware and Adware

• Patch Management

• Online Fraud

• Instant Messaging - Malicious Threats and Vulnerabilities

• Wireless Threat

• Drive-By Pharming: How Clicking on a Link Can Cost You Dearly

• Symantec Threat Report Documents Increasingly Sophisticated Attacks

• Monthly Spam Landscape

• Preserve and Protect Your Data

• Stop Spam and Other Messaging Threats at the Gateway

• Protection for Every Endpoint