Handhelds remain a security risk

23 Nov 2005

Every year 85,000 mobile devices from phones to PDAs are lost in taxis in Chicago, said Marianne Roling, Microsoft’s director for Europe for mobile and embedded devices. Some people might say big deal they are only mobile phones mostly and in Ireland the figure must be smaller by comparison. However, because of the growing sophistication of these devices, important data such as passwords, financial information and client databases are going missing on a scale that makes MI5’s embarrassing loss of a laptop on a train a few years back pale into insignificance.

In a world increasingly being populated by hackers and corporate spies, the growing loss and mismanagement of these devices are becoming harrowing experiences for IT managers and chief information officers (CIOs) and a growing threat for businesses that could lose if the integrity and privacy of their data is in anyway compromised. Roling put the threat into perspective. Speaking at a recent IDC Mobility Conference in Dublin, she said: “Some 175 million PCs are manufactured and shipped every year. However, every year some 700 million mobile devices are being shipped.” The importance and value of protecting mobile devices is given significance if Gartner’s prediction that by 2008 more than 80pc of mobile knowledge workers will have access to wireless email.

If you arm an executive with a mobile device that can send and receive important corporate information and that device falls into the wrong hands, without the right policies, systems and procedures in place, it is like opening the door to your server room to a hacker armed with a Kalashnikov.

“Some 30pc to 40pc of businesses say they have a mobile data strategy,” said IDC research director Lars Vestergaard (pictured), speaking at a mobility conference in Dublin recently. “Firms risk running into a dead end if they don’t have a mobile strategy as a foundation. There is an incredible mismatch in the number of wireless technologies at use in business today — Wi-Fi, PDAs and mobile phones — however, there are few firms with strategies to underscore security threats. Having all of these devices in your organisation may look good on paper but it is hard for a CIO to deal with.

“Few CIOs are in charge of what’s going on — if they don’t their firms will have a sizeable amount of employees breaching their security. Going forward, security in the wireless age will be all about good device management,” Vestergaard said.

A survey of Telecoms Trends and Expenditure in Ireland by IDC revealed that some 28pc of organisations expect their mobile telecoms expenditure to increase in 2006. However, despite their willingness, Vestergaard argued businesses are in need of help in developing their technology strategy to support mobile employees.

“It might sound obvious but IT managers may have so many demands on their time that they need things to be kept simple,” Vestergaard commented in relation to the survey. “Keeping up to date with convergence, different partnerships, the overlap between solution providers and over-enthusiastic account managers are causing headaches for businesses and decision makers trying to support their mobile employees.

“Companies are now realising that they cannot continue along this non-strategic path. A good strategic approach requires consultative support; vendors that understand the needs of the business and can build a solution to match them.

“In order for this to really succeed, we foresee a significant rise in the necessity for managed services around mobility solutions, as organisations increasingly want to remove the uncertainty and rely on the experts. In this respect, it is important that vendors focus on their core business and that mobile operators, for example, do not pretend to be systems integrators,” Vestergaard said.

By John Kennedy