Sunday, November 28, 2010

Companies Concerned About the Convergence of Mobile Devices for Work and Personal Use, Ovum Study Reveals

Dubai, UAE - Nov. 28, 2010 - Just weeks after Symantec Corp. (Nasdaq: SYMC) announced a major update to its mobile security and management strategy, a new analyst report shows enterprises are increasingly concerned about the potential security risks mobile devices pose to corporate networks and data, especially as employees use the same device for both work and personal activities. The study also reveals the need for a layered approach to creating a holistic enterprise security strategy.

Based on a survey of enterprise users conducted by independent technology analyst, Ovum, and the European Association for e-Identity and Security (EEMA), “Corporate mobile device use and security,” an Ovum Best Practice report, found that nine of 10 organisations either provide, or soon will provide, mobile devices for employee use, with BlackBerry smartphones outnumbering all other devices.

The report finds enterprises trying to manage the consumerisation of mobile IT. Seventy percent of employees say they are allowed to use their corporate devices for personal activities. A smaller but still significant number of workers -- 48 percent - say they can use their personally owned mobile devices to connect to corporate systems.

Still, many enterprises are concerned about employees' mixing work-related tasks on their mobile devices with social networking, web conferencing, media sharing and other personal activities. Eight of 10 respondents believe smartphones expose their business to attack, with data leakage cited as the top security concern.

“Employees will want to use their devices, no matter who owns them, for both their work and personal lives,” said Graham Titterington, a principal analyst at Ovum and author of the report. “It is unrealistic to delineate between these uses for employees who are mobile and working out of the office for a large part of their time. That means organisations must establish a holistic security strategy that addresses the consumerisation of this fast-growing channel into corporate networks and data.”

Yet the survey found protection to be spotty. Among the 52 percent of organisations that use some form of authentication for mobile users, 62 percent rely on simple user name and password sign-on. Only 18 percent use Public Key Infrastructure (PKI) certificates, and just nine percent utilise two-factor authentication featuring one-time passwords. One quarter use anti-virus and anti-malware solutions.

Smartphone Security Briefing to Offer Insights to IT

On Nov. 24, EEMA and Symantec will host an EEMA UK Regional Interest Group Meeting in London. The meeting will feature a Smartphone Security Briefing that builds on the findings in the EEMA and Ovum report, with IT-focused presentations by representatives from EEMA, Symantec, Research In Motion, Gemalto, and Symantec's VeriSign Authentication Group. Attendees of the one-day seminar will learn:

“For many professionals, the mobile phone has become a mobile office,” said Johnny Karam, Regional Director - MENA, Symantec.” But that doesn't mean enterprises need to leave themselves vulnerable to data breach, malware and other threats. A layered approach to mobile security allows enterprises to protect themselves and their users at every point of access, even before a phone receives a message or data transmission.”

“As this new study bears out, putting a smartphone security strategy in place is now a business imperative,” said Roger Dean, director at EEMA. “But how many organisations have the in-house expertise required to develop and implement a mobile strategy that fits seamlessly with their overall security profile? This one-day briefing will help IT executives take that next step, while allowing them to put their toughest questions to a panel of mobile security experts.”

Symantec Mobile Security and Management

Symantec's broad offering of enterprise mobile solutions helps organisations embrace the consumerisation of IT by allowing users to select the devices of choice while enforcing governance, securing corporate data and gaining visibility and control of all mobile platforms including the iPad, iPhone, Android, Blackberry and others. These solutions give administrators the ability to centrally define and distribute security policies to devices over-the-air. Symantec's solutions for enterprise mobile security and management include:

Device Management: Symantec Mobile Management

Device Security: Symantec Endpoint Protection Mobile Edition, Symantec Network Access Control Mobile Edition

Device Encryption: PGP Mobile, PGP Support Package for BlackBerry

Strong Authentication: VeriSign Identity Protection (VIP) Access for Mobile, VeriSign Device Certificate Services

Supporting Quotes

“Smartphones have become natural extensions of our personal and professional lives,” said Marcus Klische, advisor for BlackBerry Security Group, Research In Motion. “Today, more and more mobile applications are saving user data, accessing corporate networks and tracking movements. The need for the devices to be properly tested, configured and secured is therefore crucial.”

“Securing mobile data, while enabling access to corporate information, is a persistent challenge for organisations,” said Antonio Aranda, product manager of Mobile Transactions Security at Gemalto. “But new advances in SIM-based security are opening the door to secure payment channels for such applications as mobile banking, while offering any organisation the added protection of one-time passwords and mobile identity assurance based on WPKI.”

Connect with Symantec

Follow Symantec on Twitter

Join Symantec on Facebook

About Symantec

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at

About Ovum

Ovum provides clients with independent and objective analysis that enables them to make better business and technology decisions. Our research draws upon over 400,000 interviews a year with business and technology, telecoms and sourcing decision-makers, giving Ovum and our clients unparalleled insight not only into business requirements but also the technology that organisations must support. Ovum is part of the Datamonitor group.

No comments: