The vulnerability of mobile computing and communications is the big but sometimes hidden enterprise security threat. The best business security strategy: think “end-to-end.”
Enterprises today spend upwards of $4.5 billion annually on IT security. The software industry’s transition from mainframe computing to a client-server model to the Internet-based computing has brought with it a steady increase in the number and types of security threats. As we move forward, mobility is adding to existing IT security challenges by introducing a “new” set of security concerns for IT managers.
The growth of mobility has spawned several security challenges. Mobile devices are increasingly being connected to corporate networks to retrieve, store and transfer gigabytes of confidential data. Mobile handhelds are compact, portable and easily lost or stolen, and hence, put sensitive information at risk. The proliferation of insecure WLAN (WiFi) networks – including offices, homes, cafes, hotels, airports, etc. – pose a further threat to corporate security. Enterprises and their chief security officers need to protect themselves against the mobile environment that is cultivating new classes of viruses, worms, Trojans and spyware. SMS/mobile spam causes unnecessary user downtime and cost, and device features like Bluetooth, camera, video, removable cards (SD, compact flash), etc. make it easier for unauthorized individuals to access corporate information. In the context of all those threats, security is burdened with increased reporting, audits, and ongoing monitoring required by regulatory mandates such as SEC requirements, Sarbanes-Oxley accounting procedures, the Gramm-Leach-Bliley Act and the Payment Card Industry (PCI) data security standard.