There is a lot to recommend an “ounce of prevention.” We take this medicine when we eat wholesome food and exercise, and when we get the oil changed in our vehicles. When it comes to computing there are probably few people left in the business world who don’t have some kind of virus protection on their desktop or laptop, and there are countless organizations that spend large sums of money every year to secure their fixed computing assets and the data they hold.

But when it comes to mobile devices, prevention of data loss seems to be on the back burner even while the threats are increasing.

So just what are the threats? Well consider the concept of something called “snoopware.” This is basically the stuff that used to be only in the hands of government spies. These types of programs turn on your phone’s camera when you don’t know about it, or export data from your phone to a nearby laptop or other phone. Imagine one of these loose on your project manager’s cell phone, or your engineer’s PDA.

Then too there are all the usual suspects: viruses, Trojan horses, and even malware that drains your battery. There are those who argue that mobile devices are inherently more risky than fixed systems when it comes to threats of these kinds. The reasons they offer is that mobile devices come in a wide variety of operating systems and their portability means that data breaches might be more difficult to detect, and harder to rein in once discovered – if discovered at all. Then too, during the course of a business day you are trading information with many people, not all of it is intended for a wide audience.

Your trusted painting subcontractor could very well have sensitive data of yours on his cellphone in the form of email messages, contact information or cost data. You trust him, but what about all the mobile devices he comes near every day? Do you trust all of those? Are the people who manage the security of those devices also trusted? Worse, do you even know how your partners handle their mobile data?

Sometimes it seems like the whole technology security thing is just too big to get your mind around. That’s when I begin to wonder about things.

I’m sure I’m not the only one who has wondered if antivirus software makers are behind the viruses and malware that their products protect against. After all, in an insane world it would be an incredibly profitable business model. Sometimes the timelines of things add to my wonderment. Consider these headlines of CNET articles from a few weeks in 2000 paying close attention to the dates:

According to that last article it was McAfee’s Finland-based F-Secure that discovered the Phage.936 in the dead of night. Symantec had just released its antivirus software for the Palm in the spring of that year at a time when its stock had been languishing because of its close tie to the consumer retail market.

This is of course an exercise in entertainment and I only offer it for the delight of those readers who enjoy conspiracy theories. We have to proceed under the assumption that there is integrity within the software and hardware pipelines, otherwise all is lost.

Regardless of the source of these scourges to mobile devices there is an indication that companies are ill prepared for the chaos that may be coming their way from them. In a paper authored by two executives at Unisys it was noted that by this year nearly 70 percent of U.S. workers would be using mobile devices. Their point that it was “remarkable” how quickly the mobile platforms had integrated with fixed enterprise systems without the in-depth security vetting that had typically accompanied other technology rollouts, was a startling understatement.

At that time the authors also pointed out that while 80 percent of organizations reported allowing employees to access data remotely, only 32 percent had provided any security training to those employees.

Perhaps the idea of securing mobile devices is such a quagmire we just prefer to bury our heads in the sand and hope everything works out. After all, these devices are ubiquitously used for personal as well as business purposes. Just how do you begin to separate the two during a 12 hour day filled with email, phone calls, pictures, data exchanges and document viewings? Just how do you make sure everyone shares data only on a need to know basis, and then they share only the right data? How do you make sure all your cell phones are running up-to-date antivirus and spyware software?

It’s time to start thinking about the answers.

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • MySpace
  • LinkedIn
  • Twitter
  • Mixx
  • Google Bookmarks
  • Technorati
  • Sphinn
  • StumbleUpon
  • Blogplay
  • Yahoo! Buzz
  • Slashdot
  • Blogosphere News