IDC: Mobile device chaos creating heightened security demand

Firms need a thorough plan and the right systems to deal with this, analyst warns
  • Leo King (PC World)
  • — 15 September, 2011 18:12

The proliferation of mobile devices is competitively important for businesses but is creating "chaos" for security professionals, IDC has warned.

At the IDC IT Security Conference in London, Eric Domage, programme manager at the analyst house, said businesses needed to follow a range of steps to protect themselves.

"In the last year, a sort of device chaos has come about, with many people bringing their own mobiles and even having two or three devices on the go," he said. "It's important competitively to allow this, but you do need to protect your business with comprehensive security."

There was a "widening gap", he said, between the budget and skills available to businesses and the complexity of threats and regulations they had to deal with.

A newly-released survey of IDC customers reveals that 40 per cent of businesses expect their security budget to be cut in spite of the heightened complex threats, and a third fear some change to their budget, without knowing what it will be.

In order to cut security costs, 70 per cent will negotiate with vendors, 55 per cent will reduce the number of suppliers they work with and a quarter will reduce their own staff numbers.

In order to tackle the complex threats, particularly from mobile devices - but also potentially from the growth of cloud computing - companies needed to focus on good policies and thorough application, using the right technology, Domage said.

For mobile security, the key areas include anti-malware, identity and access management, vulnerability management, lifecycle management, and data security, overseen by a proper security management function.

"You must have broad solutions that are agile and centrally manageable," he said. "You also need to segment clearly the boundaries of professional and personal data, when you're dealing with consumer devices, so that everyone is protected."

Around 55 per cent of firms said they plan to implement a basic data protection system for mobiles, and 20 per cent will implement the more complex, but useful data loss prevention (DLP) systems. A high 33 per cent of firms say they do not have technology or policy in place for mobile security.

Tags: Mobile & Wireless, infrastructure, IDC, security, careers, IT management, IT Business

While Heartbleed distracts, hackers hit US universities

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Encryption

Robust data protection for PCs, smartphones, and removable media

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).

  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.