Security Concerns Threaten Enterprise Rollout of Mobile Technology

Symantec Global Survey Finds that Businesses are Slow to Deploy Mobile Security

Las Vegas, NV - April 4, 2006 - Security concerns are the biggest obstacle to the widespread adoption of wireless and remote computing in businesses worldwide today, according to a global survey by the Economist Intelligence Unit and sponsored by Symantec Corp (Nasdaq: SYMC). More than 60 percent of companies are holding back on deployment, citing security concerns. Close to 47 percent of respondents cite cost and complexity as a major obstacle to deployment. All the while, almost one in five businesses has already experienced financial loss due to attacks via mobile data platforms.

The Economist Intelligence Unit’s research [details below]highlights serious weaknesses in firms’ present security arrangements for mobile devices. While 82 percent of businesses worldwide indicate that they see the damage from virus attacks as the same or greater on a mobile network than on a fixed network, only 26 percent have actually assessed security risks of smart phones, compared with 81 percent of enterprises conducting security assessments for laptops. Despite the proliferation of mobile device use in the enterprise, only nine percent of companies have incorporated a comprehensive security architecture designed to include mobile device access. Of the rest, ten percent of companies have no measures for addressing mobile security, 39 percent are granting mobile devices access to corporate networks on an ad hoc basis and another 39 percent are integrating mobile devices into their existing fixed network security architecture.

“It’s prudent for enterprises to gain experience in mobile deployments and security before a serious attack makes it mandatory and time critical,” said Paul Miller, director mobile and wireless solutions, Symantec Corporation. “In today’s enterprise, there are multiple end points to account for – and proper protection cannot be tackled as one-size-fits-all. While most enterprises are aware of the risks introduced with mobility, they continue to lack the appropriate security measures and policies required to protect themselves from potential threats.”

The Economist Intelligence Unit surveyed more than 240 global company executives and conducted a number of in-depth interviews with executives across a range of industries to explore awareness of the security risks associated with the widespread adoption of mobile data solutions. The research also looked at business readiness to respond should a security threat be realized. Regional responses were aligned on a number of matters, with regional contrast strongest around security risk assessment on specific devices and security software deployment. For example, 55 percent of Western European businesses have deployed security software to protect mobile data, compared to 44 percent in Asia-Pacific and just 36 percent in North America.

“Security is the one particular issue that continues to impede the widespread adoption of mobile computing in the workplace and if it continues to be overlooked there is a danger that some businesses will miss the advantages mobility can bring to their workforces,” said Gareth Lofthouse, director of custom research, Economist Intelligence Unit.

The Symantec Internet Security Threat Report Volume IX, published in March 2006, highlighted that malicious code that targets mobile devices, particularly smart phones, continued to grow through the second half of 2005. The report also highlighted several new examples of malicious code for smart phones including Cardtrp, which was the first cross-platform threat with the ability to affect both Symbian and Windows operating systems. The end of 2005 also saw the emergence of Pbstealer which is distributed as a file that represents itself as a phone book utility for smart phones in order to entice a user to download and execute it. Once a device has been compromised by one of these Trojan horses, information such as the user’s phonebook, notepad, calendar, and to-do list will be transmitted to Bluetooth-enabled devices that are within range. This may pose a serious breach of confidentiality if a corporate device is compromised in this manner, as sensitive contact information and appointments could be shared. The risks connected with mobile data will increase as larger mobile networks become a more attractive target for cyber-criminals.

“A coherent strategy for mobile security would work towards alleviating the concerns of many enterprises. Companies can begin leveraging mobile technology as a competitive advantage by adding mobile protection to 5 or 10 percent of their mobile workforce and heeding to best practices. This measured approach will help tremendously in preparing for major deployment,” said Miller.

Symantec offers solutions to address wireless devices running on Symbian, Palm OS, Microsoft Windows Mobile and Pocket PC platforms. Symantec AntiVirus for Handhelds Corporate Edition 3.5 delivers a comprehensive virus protection solution designed to secure corporate assets and protect against the potential spread of malicious code downloaded from the Web, email or a Wi-Fi connection, or beamed via Bluetooth or infrared ports for devices running on Palm OS, Microsoft Windows Mobile and Pocket PC platforms. Symantec Mobile Security for Symbian offers real-time automatic and on-demand scans to protect Symbian OS files on Series 60 and Series 80 smart phones.

Economist Intelligence Unit research results (in PDF): Download the Full Report, or regional reports for Asia, Europe, and North America.
www.symantec.com/content/en/us/about/media/mobile-security_Full-Report.pdf

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Contact Information

Jim Nickerson

Symantec Research Labs

Symantec Corp

Contact via E-mail