“Mobile computing offers new challenges, but they are less about infrastructure and more about people. Mobile devices can carry a huge security risk,” said RSA executive chairman, Art Coviello, at the beginning of an interview with RCR Wireless News. “Behavior is going to be one of the biggest keys.”
According to Coviello, until recently, mobile devices were secure because most viruses were designed for computers, but this is no longer always the case. In addition, mobile devices are with users 24/7 , and they often access them outside a firewall; as a result, if mobile devices are compromised, the danger will be great. That is why Coviello emphasized how important it is to have secure communication between the device and the network.
The difficulties to manage and protect mobile devices include the lack of IT control and recognizing patterns of people’s behavior. “IT organizations have to manage what they cannot control, and people’s behavior is key,” Coviello said.
According to Coviello, companies are spending 80% of their total budget on prevention solutions, 15% on monitoring and 5% on response, but he believes they should divide their efforts more evenly, spending a third of their time on each area.
Basically, companies need to ensure that transaction information remains private, and they need the ability to prove that the information is exactly what it should be. “It is going to be very hard, it already is, to create antivirus signatures fast enough to protect firms. They do not work so well anymore because malware changes so quickly that by the time you have a signature you have a new virus,” he said.
Be sure not to miss