Presentation is loading. Please wait.

Presentation is loading. Please wait.

Assurance for the Mobile User: Mobile Device Security.

Similar presentations

Presentation on theme: "Assurance for the Mobile User: Mobile Device Security."— Presentation transcript:

1 Assurance for the Mobile User: Mobile Device Security

2 Symantec Mobile Enterprise Security2 Agenda Who are we? Evolving Device Security Market Call To Action 1 2 3

3 Market for Device Security

4 Symantec Mobile Enterprise Security4 Consumers Grow Sophisticated as the World Converges.. Mobile Content, Services, Providers all Converging … Emergence of the Prosumer Mobile Content, Services, Providers all Converging … Emergence of the Prosumer Better Devices –100 Million Symbian Smart Phones shipped to-date –High penetration in matured markets & youth segments in emerging markets –IMS Services Enabled Devices Richer Content –Open Standards Push eMail –38.2% CAGR grow in Mobile eMail –Richer Content on Devices –Better cameras, more storage Richer Services –M-Commerce Resurgence –Content to Blog sites

5 Symantec Mobile Enterprise Security5 The Smart Phone Security Perfect Storm Outdated Thinking: 75% of companies have not addressed smart phone security* (60% cite security as biggest mobility obstacle*) IT is Organizing: Ad hoc deployment giving way to centralized policies that include all endpoints (Server, PC, Laptop and Mobile) Mobile/wireless IT spending likely to exceed IT budget growth in many organizations: 12.5% avg. growth rate (Source: Gartner) Increasing Mobile Device Threats: Mobile virus variants have doubled every 6 months since 2004 (235 mobile virus variants in H106) (Source: Symantec Security Response) Enterprise Faith: 80% of companies are allowing corporate data on devices, yet continue to not secure the data* Fastest Growing Device Segment: Smart phone growth = 77% Other mobiles = 27% Mobiles out ship PCs 5:1 in 2006 (Source: Canalys for H105 to H106, IDC & Gartner) * Q1 2006 Symantec survey conducted by Economist Intelligence Unit

6 Symantec Mobile Enterprise Security6 Global Survey on Enterprise Attitudes Toward Mobile Device Security OBJECTIVES –To explore corporate attitudes regarding enterprise mobile device security –Survey done against 248 companies headquartered in North America, Western Europe, and Asia Pacific RESULTS –60% said security biggest obstacle –Only 9% addressed security issues –88% of companies deals with security on an ad-hoc basis or do not address it at all –25% of senior management fully understands the risks of mobile computing in North America, compared with 30% in Western Europe and 37% in Asia Pacific. –4 out of 5 companies surveyed view the risk of mobile data services the same or greater than wired data risks. Source : Economist Intelligence Unit

7 Symantec Mobile Enterprise Security7 Global Survey on Enterprise Attitudes Toward Mobile Device Security NOTABLE DATA –Reasons for companies permitting mobile access Improve employee productivity - 73%, to enable increased business flexibility - 46%, and increase responsiveness to customers - 33%. POLICIES ON STORAGE OF CORPORATE DATA –While 21% of North American companies allow storage of corporate data on employee-owned mobile devices and leave security to employees, only 13% of companies in other global regions do the same. –Only 53% of North American companies limit storage of corporate data to company-owned mobile devices; 64% of companies outside North America allow storage of corporate data only on company- owned devices. Source : Economist Intelligence Unit

8 Symantec Mobile Enterprise Security8 Cabir released Skulls[A-B] released Cabir.B Released Cabir Source Code released 18 Variants in 1 Month Commwarrior[A-B], Dampig, Drever[A-C], Skulls[E-H] released Doomboot[A-C], Skulls[K-L], Cabir.U released First Symbian Spyware Released. Threat Landscape: Wireless Threats Continue to Proliferate Symantec Response has already identified over 30 vulnerabilities on the Windows Mobile 5 OS. Threats for Windows Mobile are likely to follow a similar evolution pattern as Symbian and PC threats.

9 Symantec Mobile Enterprise Security9 Increasing amount of personal content on mobiles –Highly personal pictures, videos e.g. lost mobile content in HK sold for profit Attacks now for Financial Gain… not Notoriety –30 of the top 50 threats exposed user confidential data (source Symantec ISTR X ) Premium SMS attacks can drain user accounts –RedBrowser.A and Webser released in February 2006 –No predictive fraud detection methods in many mobile payment mechanism similar ass offered by Visa and MasterCard Devices increasingly becoming payment instruments –Pay-with-a-wave in Japan, UK… add financial risk to mobile New Platform, New Risks: Pranking4Profit Mobiles are becoming digital wallets and identities but Mobile payment fraud methods are comparatively immature Mobiles are becoming digital wallets and identities but Mobile payment fraud methods are comparatively immature

10 Symantec Mobile Enterprise Security10 People are the Perimeter: Mobile blurs the distinction between Employee and Consumer, between user and network –If a mobile phone is always with you… it is always a risk 70% use their mobile phones as alarm clocks (source ICM Research) –Snoopware: Mobile spyware exploits the telephony apps… not eMail Consult the calendar to determine the best times to snoop Remotely activate the microphone to eavesdrop on conversations or spy via pictures and video Examples: FlexiSpy and iCam (available April 2006) New Platform, New Risks: Snoopware… an Invasion of Privacy Snoopware puts a Stranger in your Bedroom and a Competitor in your Boardroom

11 Symantec Mobile Enterprise Security11 Loss/Theft/Damage of a mobile device far more likely than PCs –Phones lost 15X more frequently than PCs by some estimates –In the UK, 20,000 devices are lost or stolen in the UK each month and one third of all robberies now solely involve mobile phones (Sources: ARC & UK Govt Stats) Loss Mitigation: Flexible defense to match the risk –Anti-Virus, Remote wipe and kill, Data Encryption, File Activity Log AV prevents undetected loss of data Activity Log = peace-of-mind & a regulatory compliance option without the overhead of encryption –Future of Loss Mitigation: Data Backup and Recovery Data tagged as personal or business, encrypted on the phone, sent over-the-air and targeted at either the work or home PC for back-up New platform, New risks: Mobile Loss Mitigation Lost phones hurt everyone: Users, Employers and Operators

12 Symantec Mobile Enterprise Security12 Call to Action Managed Anti-Virus Prevent virus & malware outbreaks Anti-SPAM eMail SPAM prevention Secure User Identities Prevention of identity theft IM Threat Protection SPAM prevention on IM Managed Apps Back Up & Storage Protecting business critical information Managed Web Content Prevent attacks on corporate web sites Mobile Device Protection Anti-Virus & Firewall Managed Anti-Virus Prevent virus & malware outbreaks Anti-SPAM eMail SPAM prevention

13 Q&A

Download ppt "Assurance for the Mobile User: Mobile Device Security."

Similar presentations

Ads by Google