Identity theft on the rise as only 5% of mobile devices are physically protected

And apart from headline-grabbing malware attacks on smartphones, it should be one of the strongest motivators for users to adopt mobile security software. Adoption so far, however, is critically lacking.

Juniper said that while only 5% of smartphones and tablet devices have security software installed – that’s globally – both corporate and personal users will begin to recognize the need to protect their data. As a result, the demand for mobile security products will increase over the next five years and, by 2017, 20% of mobile devices will be protected by third-party security software.

The report found that employee-owned smartphones and tablets used in the enterprise will reach almost 350 million by 2017. Even so, the number of protected consumer devices will overtake protected enterprise devices by 2015, driven by BYOD trends.

"Like it or not, BYOD is here to stay,” said Lamar Bailey, director of security research and development for security vendor nCircle. “There's no denying that it adds lots of new exposures and network entry points that must be monitored and secured. Organizations are definitely scrambling to secure these new devices while maintaining network uptime and access.”

But in that context, the level of protection needs to increase even further from a paltry one in five phones using physical security. Protect Your Bubble, a personal insurance firm, suggests a few best practices. For one, use a password that has a combination of upper and lower case letters, symbols and numbers. At the same time, have an auto-destruct installed so that if the password is entered wrong a certain number of times, the phone automatically wipes all the information. Also, install a backup app available from the phone manufacturer. This takes information from a mobile device and sends it to a home computer, and is often part of the self-destruct software. And finally, don’t jailbreak. A jailbreak eliminates digital-rights management and the codes that a carrier uses to provide a level of protection beyond what the owner can do.

“As tempting as it may sound to break a smartphone or other digital device, this significantly reduces the security because the device is no longer locked into a specific carrier,” the company noted. “No matter how security-protected a mobile device is, software is not going to prevent theft, loss or damage.”

There’s also an opportunity, Juniper said, for certain stakeholders. Between now and 2017, as the security threat increases and users become more aware of these issues, mobile operators and device vendors need to recognize the potential value that can be achieved by integrating key security features such as device-tracking or 'lock and wipe’ functionality into their product offerings for customers.

“Bundling mobile security apps along with other managed services will not only provide incremental revenue for the service providers, but will also help them guarantee better customer satisfaction and churn,” said report author Nitin Bhas.

And some are already capitalizing on this. Verizon Wireless for instance has launched security packages for Android phones. The Mobile Security Premium sells for $1.99 per month, per line, and includes physical recovery features that allow customers to remotely locate, alarm, lock or wipe data from a lost or misplaced device using their My Verizon accounts.

What’s hot on Infosecurity Magazine?