Enterprises should guard their network perimeters with a more holistic approach

Vishak Raman,
Regional Director SAARC,
Fortinet
 

How do you view mobile security?

Mobile security is an emerging issue in today's 3G environment in India, fully becoming part of this bandwagon. Fortinet believes that malicious activity on smart mobile devices such as smart phones has been low to date, but with the anticipated consumer adoption of 3G and the new and business models, it will open up a new and enormous market for cybercriminal activity. All this will open doors for virus infections and attacks and calls for a focussed approach to secure millions of handheld mobile devices in operation today.

What are the trends in the mobile security space?

A number of trends are driving the need for better mobile device management and security. The combination of an increasingly varied set of mobile devices with increasing memory, power and portability, combined with a trend toward more powerful, IP-based network infrastructures, is creating a fertile ground for the migration of Internet-based threats in the mobile space. At the same time, new and powerful mobile applications are being launched and security threats are becoming increasingly sophisticated. 

Trend 1: More powerful and less expensive mobile devices are becoming ubiquitous and are as irreplaceable as any PC or laptop, significantly increasing the risks from loss and theft, as seen with Moore’s laws. 

Trend 2: A move toward more powerful, IP-based network infrastructures is leading to increased use of data-heavy mobile services, which need more sophisticated management.

Trend 3: More advanced and data-heavy mobile applications and services on employees' mobile devices require more sophisticated monitoring and management. Mobile devices are increasingly being used for business transactions on the go and this, again, points to the probability of a security breach entering the enterprise/ carrier grade network via such devices.

Trend 4: More and more sophisticated security threats are appearing as new devices provide richer targets. Although, so far, infestation of wireless handsets by Internet-based security threats has been relatively low, new threats to mobile devices, including malicious programs (viruses, worms and Trojan horses) continue to appear. In the last few months, two new Trojan horse viruses - one targeting Symbian SMS messages and another targeting specific Windows Mobile programs; two new worms, one targeting particular Symbian phones and another targeting multimedia cards; and a new spyware application - have appeared in the market. 

What are the main problems with smartphone-based viruses and malware?

With the growing popularity of smartphones, people are beginning to speculate about whether there will be an explosion of security issues in the near future. The key issue with smartphone-based viruses and malware is that they are difficult to track down, owing to the wireless nature of mobile phones. 

One of the new issues which is being now noticed in the mobile phone malware stakes is the development of smartphone fakeware - like the desktop equivalents there is an infection on the user's smartphone and recommends a download. The download means a malicious code which is loaded onto the smart hone and the mobile is synchronized with a desktop PC. Then, the desktop computer ends up being infected as well. The maliciously coded worms are increasingly being seen creating a problem for smart phone users and creating panic for all of us.

Why is ensuring mobile security more challenging than locking down PCs? 

Despite their growing prevalence in the enterprise, smartphone is the poor cousin when it comes to data protection and that has to change while most enterprises have well- defined policies for securing laptops and PCs. Many still treat mobile devices as an afterthought even though the latter are increasingly likely to be in widespread use and contain valuable corporate data.

And, it is likely to become a growing problem for businesses. Gartner predicts that smartphones will surpass PCs and laptops as users' primary computing devices by 2013, when more than 600 million units will be in use. Ensuring mobile security is more challenging than locking down PCs due to the number of platforms on the market combined with the fact that employees tend to use their personal devices for work-related tasks.

But with mobile devices becoming ubiquitous in the workforce, many believe it is only a matter of time before they become the primary target for malware, phishing schemes, and social engineering attacks. So, enterprises need to start developing comprehensive mobile security practices and policies now.

What developments do you expect in the next few years when it comes to the mobile workforce?

As far as we can see, based on existing trends, most likely than not, mobile workforce will continue to expand, especially for workers with multinational companies. The technology industry seems to be leading the way, while riding on twin trends of technology and globalization. With workers congregating virtually from far-flung locations for transactions, collaboration and strategy sessions, verticals such as banking, telemedicine and other intellectual property heavy industries will head towards this trend. In such an environment, data integrity and cybersecurity remains paramount, as mobile devices will probably increase the possibility of the extended network perimeter being taken down by threats entering via an unwitting corporate user, if unprotected. 

Hence, enterprises should take precaution and guard their network perimeters with a more holistic approach. Considering the unified threat management (UTM) approach, this is the one area which Fortinet has pioneered and innovated. Currently, Fortinet FortiGate solution, touting this approach, is a leading vendor in the global marketplace, according to IDC.

For more contact :
beenish@varindia.com