RIM executive believes companies should do more to protect data on employee smartphones
Many companies in South Africa are starting to roll out mobile devices to boost the productivity of their mobile workers. However the lure of empowering employees and making them more efficient should be balanced with the need to secure the information that can be accessed on them believes Deon Liebenberg of RIM.
One threat that is growing in significance as more users count on smartphones for business applications is mobile malware. Just like PC viruses, malicious code has the potential to run undetected on a smartphone and wreak havoc within a corporate network.
Viruses, trojans, worms, and spyware – collectively referred to as malicious software or malware for short – can be calibrated to load themselves onto vulnerable smartphones with poor security, and run without user knowledge or action. Once they’ve burrowed their way into a smartphone, malware programmes can cripple the device by effectively using all its available memory.
A more dangerous malicious programme could transmit itself across the wireless network, bypassing some of the corporate network security systems, and potentially damage or infiltrate other components of the corporate network.
Most enterprises count on real-time anti-virus scanning software to prevent the transmission and proliferation of malware on computers. However smartphones are a different kettle of fish in so far as they are constrained by finite memory, processing power, and battery life. This means that the standard computer network approach of detecting malware using a large, frequently updated, local database or a constant connection to an online database has to be tailored.
Email attachments that users open on smartphones can contain viruses and other malware. Proactive solutions using a malware-detecting attachment service employ renditions rather than supporting native files. In this scenario, the user can still view and manipulate the data, but the file is not opened natively on the device itself.
To protect their mobile devices and networks from malware, CIOs should invest in mobile solutions that have security baked into the devices and supporting infrastructure. These security features built into the solution need to be as unobtrusive as possible so that they don’t detract from the ease of use of the device or the end-user’s efficiency and productivity.