Research: The lowdown on mobile security

Tags:
Wlan,
Mobile Devices,
Enforcement,
Theft

Rhetorik ZDNet.co.uk

Published: 25 Oct 2007 13:48 BST

Mobile-security measures in place
The final section on this topic explores the main security measures that respondent enterprises have put in place for mobile devices, their use and access to the corporate network. It also covers planned implementation over the next two years.

The two most important security measures are the firewall and antivirus/anti-spam software. These are widely applied by more than two-thirds of all respondent organisations, with only modest growth in deployment anticipated in the near future.

Wireless LAN encryption and data encryption on the VPN (virtual private network) are also well used. These were reported in place by around half of the research base. With ongoing growth in the use of both WLAN and VPNs, around eight percent of organisations plan to newly adopt these measures over the next two years.

Data replication and backup is also a popular and readily applied security method. Its use in our sample was comparable with WLAN encryption and data encryption on the VPN, with similar growth prospects over the coming few years.

All too often, authentication is by single factor alone, although two-factor authentication is rapidly increasing in popularity, with twice the number of current user enterprises anticipating deployment in two years time.

Intrusion detection is also important, with two-fifths of the sample reporting current use. Respondents point to strong prospects for growth, with a further 11 percent planning to adopt in the forecast period.

Data encryption (SSL/TLS, or secure socket layer/transport layer security) is also used by a similar two-fifths of the research base, with comparable expectations for growth.

Remote monitoring is already in place for around a third of these organisations but its popularity is increasing rapidly. In two years time a further 12 percent plan to implement this important management tool.

Compliance control is one of the lesser used techniques but is also growing strongly. Only a fifth of our research base is currently using this method but this is expected to increase to more than one-third over the next few years.

Least used of all the measures researched was remote wiping. However this powerful means of removing data and software from lost or stolen devices has strong appeal as a security measure, and our research indicated that the number of user organisations could almost double in the next two years.

Looking at these results by size of organisation, the following observations can be made:

The more established techniques of firewall, antivirus/anti-spam, single-factor authentication and data replication/backup are broadly applied across all sectors.
More advanced techniques such as data encryption (SSL/TLS), data encryption (VPN), remote monitoring, two-factor authentification, compliance control and remote wiping tend to be used less in the SOHO, and to some extent the SME sector, than in larger organisations. This is explicable in many cases, as factors such as the smaller user base and lack of need for a VPN make these techniques of less importance to smaller organisations.
WLAN encryption is more uniformly applied across all sectors, probably due to the popularity of wireless networks in enterprises of all sizes today.