Enterprises need to rethink and review their security and defense mechanisms as the popularity of smartphones for business use is growing, according to a report by IDC.
The report, Enterprise Mobile Device Security: Development Guidance to Tackle the Mobile Security Minefield, examines the need for enterprise mobile security, especially within the mobile banking and payment arena, and recommends measures to boost mobile security, including mobile device management (MDM) and mobile application management (MAM).
IDC Financial Insights Asia/Pacific Financial Advisory Service associate director CFA Li-May Chew said by 2012, the Asia/Pacific region will command 47% of the global smartphone pie, which is equivalent to 541 million units.
"With the rise of smartphones, IDC expects malicious mobile software – or malware such as viruses, worms, trojan horses, spyware and other rouge applications – to increase exponentially as we move into the future and this will in return amplify demand for mobile security solutions in Asia/Pacific," he stated.
Meanwhile, the rising adoption of mobile devices within the business environment or the bring-your-own-devices (BYODs) phenomenon, coupled with increasing popularity of mobile banking, payments and wealth management schemes, IDC forecasts that these instruments will become a more prominent vector of attack for cybercriminals seeking to harvest corporate and financial data.
The research firm cited an example where malware could incorporate fake mobile banking applications in legitimate application stores to steal personal banking information.
The report detailed preventive measures to address enterprise mobile security threats which include MDM like security tools to remotely secure, monitor, encrypt and manage data, and MAM to secure and control corporate data and applications on an app-by-app basis.
"Nonetheless, it is not all about installing stringent mobile security features. As clich̩ as it may sound, we Рdevice owners and end-users Рare typically the weakest link when it comes to information security. It is thus up to enterprises to increase employee awareness of these threats and introduce programs to inculcate secure practices in the work environment," Chew added.
Idc also revealed that most employees are not aware of their company’s mobile security policies and the need to educate staff about those policies and ensure that they are adhering to necessary security mandates intensify.
