BYOD is being deployed as CISOs name malware as main mobile threat

Despite nearly three-quarters of enterprises discussing the deployment of custom mobile applications, half admit that mobility is challenging.

According to Symantec's 2012 State of Mobility Survey, which polled 6,275 organisations in 43 countries, 71 per cent of respondents are discussing custom mobile applications, while one-third are currently implementing, or have already implemented, them.

CJ Desai, senior vice-president of the endpoint and mobility group at Symantec, said: “We are impressed by the pace of mobile application adoption within organisations. This cultural change from refusing mobile devices not in the past to actively distributing and developing them has introduced a brand new set of challenges and complexities for IT staff.

“Encouragingly, from a safety perspective, a majority of organisations are thinking beyond the easy case of lost or stolen cellphones.”

The survey also found that 70 per cent of respondents expect smartphones and tablets currently in use to extend employee productivity, and 77 per cent had already seen productivity gains after implementation.

However, three-quarters of organisations said maintaining a high level of security is a top business objective around mobility, with 41 per cent identifying mobile devices as among the many top three IT risks because of loss and theft, data leakage, unauthorised access to corporate resources and the spread of malware infections from mobile devices to the corporate network.

Greg Day, EMEA security CTO and director of strategy at Symantec, said: “Interestingly, the number-one risk [identified] globally for mobile devices was malware; i did not expect that for the reason that volume we see is infinitesimal compared with PC malware, but my view is that there was enough inkling of incidents for businesses to go looking and say ‘what is occurring?'.

“In EMEA the number-one concern was in preventing unauthorised network access, or application access from smart devices. Second was lost or stolen devices; one CISO told me that after the iPad 3 comes out, he expects a rise in lost devices.”

Day added that 1/2 CISOs were interested by an ongoing bring-your-own-device (BYOD) project, while getting control of knowledge was also high on their agenda. The survey mentioned that there has been an overall reduction within the support of private devices and in complete social media access.

“The main topic of conversation is BYOD â€" support or don't support â€" and what I heard greater than anything was liability, to not the business but to the user. So if i attempt to manage this device and lock it down, who do they hold in charge of it? i will not inspect their personal data, there's liability in supporting the user for everything, so I become a more broader point of support,” he said.