Just how quickly are enterprises adopting mobile applications? Very, very quickly.

Mobile Security: Why You Need to Go Beyond the Basics
Just how quickly are enterprises adopting mobile applications?
Very, very quickly.
According to one recent survey, as many as 71% of organizations are using or planning to use
custom mobile applications.
"We have reached a tipping point in the business use of mobile devices," concludes Symantec's
2012 State of Mobility Survey. "Most organizations are making line-of-business applications
available [to mobile devices]."
The reasons for this, of course, are clear: Businesses want to improve agility, increase
workplace effectiveness, and take less time to accomplish business-critical tasks.
But there is a price to pay. Survey respondents said they are keenly aware of the potential risks
mobility can pose, ranking mobile devices as one of their top three IT risks. Specifically, they're
worried about losing devices, data loss, and malware infecting the corporate network through
smartphones and tablets.
Continue reading to learn how this mobility tipping point is affecting IT and what steps
1/4
Mobile Security: Why You Need to Go Beyond the Basics
organizations need to take to improve the effectiveness of their mobile initiatives.
Mobile devices now considered critical business tools
The State of Mobility Survey underscores just how rapidly mobility has gone "mainstream." For
example, it wasn't long ago that organizations routinely banned mobile devices from the
corporate network or restricted them to accessing email. Today, nearly 60% of organizations
are making line-of-business applications accessible from mobile devices. And nearly
three-quarters (71%) of them are even looking into implementing a corporate "store" to
distribute their mobile applications.
At the same time, the survey found that mobile initiatives have a significant impact on IT
resources. Nearly half of the organizations surveyed (48%) see mobile computing as
"somewhat to extremely challenging," adding that their top priorities are security, backup, and
dealing with lost or stolen devices. On average, nearly one-third of the IT staff (31%) is involved
in some way with mobile computing.
While IT organizations recognize that mobile adoption is not without risks, fewer than half of the
respondents have implemented such security measures as antivirus software and remote
disabling of devices.
That could pose a serious problem, particularly as cybercriminals are now turning their full
attention to mobile technology. The recent increase in mobile malware—especially that
targeting the Android platform—is most likely only the beginning of the story.
Case in point: A recent research report from Symantec, " Motivations of Recent Android
Malware
," sheds light on the current
monetization schemes behind the growing wave of malware focusing on this new mobile
computing platform. The report suggests that the Android's open platform and surging
popularity provide attackers with more than ample motivation to concoct increasingly
sophisticated revenue-generating schemes.
Regardless of the operating system they deploy, organizations large and small are seeing
damages mount due to mobility-related security issues, according to the State of Mobility
Survey. Over the last 12 months, mobile incidents for enterprises—including data loss, damage
2/4
Mobile Security: Why You Need to Go Beyond the Basics
to the brand, productivity loss, and loss of customer trust—averaged $429,000.
Despite these very real losses, most organizations still feel that mobility continues to be worth
the challenges and risks involved. Nearly three-quarters (71%) said they at least break even
when it comes to risks versus rewards.
Don't choose between productivity and security
The dramatic shift in the nature of mobility, from being an email extension to a core business
enabler, means that enterprises must begin thinking beyond the simple case of lost or stolen
mobile phones. Symantec recommends the following steps:
- Enable broadly. Plan for line-of-business applications that have mainstream use.
Employees will use mobile devices for business one way or another—make it on your terms.
- Think strategically. Think beyond email. Explore all the mobile opportunities that can be
introduced and understand the risks and threats that need to be mitigated.
- Manage efficiently. Mobile devices are endpoints that require the same attention given to
PCs and laptops. The management of mobile devices should therefore be integrated into your
overall IT management framework and administered the same way. Don't treat mobile
applications as a separate "silo."
- Enforce appropriately. You need to enforce acceptable usage policies that accommodate
both corporate-owned and privately owned devices. Plan for this legally, operationally, and
culturally.
- Secure comprehensively. Look beyond basic password, "wipe," and application-blocking
policies. Focus on the information and where it is viewed, transmitted, and stored. Integrate with
your existing data loss prevention, encryption, and authentication policies.
Symantec advances enterprise mobility strategy
Symantec recently announced several advances in core areas of its enterprise mobility
strategy, with enhancements specifically for the Android, iOS, and Windows Phone 7 platforms.
Symantec's mobility strategy addresses enterprises' concerns by stressing the application of
corporate security policies uniformly on all mobile devices, endpoints, and applications. The aim
is to help organizations secure mobile data and enable business productivity for both
corporate-managed and personally owned, unmanaged devices. This enhanced support is
intended to give enterprises the visibility and control they need to confidently embrace the
proliferation of mobile devices.
Conclusion
3/4
Mobile Security: Why You Need to Go Beyond the Basics
A tipping point has been reached in the business use of mobile devices. That's why it's more
important than ever that the hundreds of millions of employees throughout the world who use
mobile devices such as smartphones to access corporate information do so securely.
Organizations that want to realize the competitive advantages offered by mobile computing
need to apply corporate security policies uniformly on all mobile devices, endpoints, and
applications.
4/4