Research shows that mobile IT security is taking off at last

A survey from Goode Intelligence claims to reveal that 54% of organisations are planning to deploy mobile anti-virus products and services during 2010. The study — which forms the second half of the research firms' late 2009 Mobile Security Survey — says that, of these organisations, 33% plan to deploy mobile anti-virus products and services by March 2010 and the remaining 67% plan to deploy by September 2010.

The survey, carried out in partnership with Acumin Consulting during September 2009, claims to be the most comprehensive vendor-independent survey on mobile phone security to date, and provides a snapshot of the current state of mobile security within organisations across the globe.

Alan Goode, the research firm's managing director, said that, whilst the threat from mobile viruses is currently low, with the rising adoption of data-centric applications on smartphones, including financial services, he feels that the threat will rise from 2010 onward.

According to Goode, research for the new analyst report on mobile viruses/malware has discovered that mobile operators are struggling with growing mobile spam and malware.

In the last couple of years, he says, the percentage of mobile messaging traffic (SMS/MMS/Email) that is defined as spam or malware has risen from approximately 2% to between 20% to 30% of total traffic and, more significantly, between 14% to 22% of this figure is considered to be malicious.

The survey reveals that while nearly 71% of organisations currently feel that the threat from mobile phone viruses is low, this number drops significantly for the perceived threat by 2011, with only 21% believing the risk to be low and 29% forecasting that the risk will be high or very high.

"The threat to mobile devices from viruses is here today and growing," said Goode.

"Last year's iPhone worms could be just the start of a concerted attack on smartphones. The threat is increased by the proliferation of mobile app stores with users downloading applications, most of them free, to their smartphones," he added.

"Can the app store providers guarantee one hundred percent that their certification programs will capture all malicious code that may be lurking in a mobile application?"

"This threat is dramatically increased if the user is running a jailbroken device. GI believes that companies must seriously consider the consequences of an unprotected corporate mobile phone being infected with malware that could upload all of that phone's data to a criminal server."

What’s Hot on Infosecurity Magazine?