Mobile device manufacturers must begin to 'bake' security into devices as standard, and begin to develop common, secure protocols, according to a panel of security experts.
"Handhelds are not secured by design and even industrialised tablets simply aren't out-of-the-box secure. This leads to the requirement to layer on additional security, such as encryption, but this takes up considerable time to deploy. We see huge attrition rates of mobile devices, and the time taken to reinstall the security layers on each new device begins to add up quickly. We urgently need common, secure protocols to solve the problem," said Stuart Cummings, CISO, SABMiller at the Infosec conference.
Cummings continued to make the point that although solutions to many business-related issues with mobile devices are available, their sheer diversity makes it increasingly difficult for businesses to deploy them. "Although security vendors sell products that meet business needs, the fragmentation in the market leads to the need for a variety of solutions to be deployed which aren't necessarily complimentary. This situation simply isn't sustainable", he said.
Jericho forum co-founder Paul Simmonds pointed to the rise in the use of consumer products in corporates as being another driver: "The trouble is that no device is secure by default. Even those that do have security settings need these to be enabled, which rarely happens. Manufacturers need to get the message that mobile devices need to be secured by design."
The challenge of securing the mobile workforce has seen much attention from vendors and IT professionals alike, but the increasing popularity of consumer devices - such as the iPhone - in the workplace is causing a blurring of boundaries between 'business' and 'personal' technology.
Mobile devices must be secured as standard
By Mark Mayne on Apr 25, 2008 12:40PM