As mobile usage grows, so should security: IDC

By Digital News Asia June 29, 2012

Enterprise urged to beef up mobile security policies due to rising use of smartphones to transact
Companies must increase employee awareness, introduce programs to inculcate secure practices

ENTERPISES need to review their mobile security policies as mobile banking and payments increase in popularity, according to IDC Financial Insights.

In a statement release June 28, the research firm noted that the popularity and massive growth of smartphones for business use are forcing enterprises to sit up and rethink their security and defense mechanisms.

In a report entitled, "Enterprise Mobile Device Security: Development Guidance to Tackle the Mobile Security Minefield," IDC Financial Insights examined the need for enterprise mobile security, especially within the mobile banking and payment arena, and discussed core measures for enterprises to boost mobile security, including mobile device management (MDM) and mobile application management (MAM).

"By 2012, the Asia/Pacific region will command 47% of the global smartphone pie, which is equivalent to 541 million units (See figure, click to enlarge)," said Li-May Chew, associate director for IDC Financial Insights Asia/Pacific Financial Advisory Service.

The results of the IDC study correlates with another finding revealed by PayPal, which noted that mobile commerce activity in Malaysia have quadrupled from 2010 to 2011.

The payment provider's recent survey conducted by Nielsen noted that mobile commerce spending in Malaysia increased 370% from RM101 million (US$31.7mil) to RM467 million (US$146.6mil).

Chew said that with the rise of smartphones, IDC expects malicious mobile software -- or malware such as viruses, worms, trojan horses, spyware and other rouge applications -- to increase exponentially.

"As we move into the future and this will in return amplify demand for mobile security solutions in Asia/Pacific," she said in a statement.

Meanwhile, IDC noted that the increasing prevalence of mobile devices within the business environment, also known as the consumerization of IT or the bring-your-own-devices (BYODs) phenomenon, coupled with increasing popularity of mobile banking, payments and wealth management schemes further imply that these instruments will become a more prominent vector of attack for cybercriminals.

For instance, malware could incorporate fake mobile banking applications in legitimate application stores to steal personal banking information, IDC noted.

According to IDC, preventive measures against mobile security threats include MDM such as robust security tools to remotely secure, monitor, encrypt and manage data, and MAM to secure and control corporate data and applications on an app-by-app basis.

Chew, added, “Nonetheless, it is not all about installing stringent mobile security features. As cliché as it may sound, we -- device owners and end-users -- are typically the weakest link when it comes to information security.

"It is thus up to enterprises to increase employee awareness of these threats and introduce programs to inculcate secure practices in the work environment.”

IDC said although majority of organizations that allow BYODs have developed policies to support this trend, most employees are not aware of their company's mobile security policies.

With more enterprises allowing employees to use non-standard unmanaged devices for work to access sensitive corporate information, the need to educate staff about mobile security policies and ensure that they are adhering to necessary security mandates intensify, it added.