Mobile devices such as the iPad and the Android smartphones have excited individuals and businesses alike with all the wonderful possibilities they bring for communication, entertainment, and productivity. Of course, the mobile security firms are now pissing on the mobile parade, employing their usual techniques of creating fear, uncertainty, and doubt to sell products.
Turning a positive into a negative is an essential sales technique for such firms. Maybe I shouldn't have been surprised to see Symantec's warning that workers would take their smartphones and iPads with them for the holidays and do work on them -- a generous gift from employees to their employers for what is supposed to be time off from work.
[ Keep up on key mobile developments and insights with the Mobile Edge blog and Mobilize newsletter. | Find out how to block the viruses, worms, and other malware that threaten your business, with hands-on advice from InfoWorld's expert contributors in InfoWorld's "Malware Deep Dive" PDF guide. ]
If it's popular, it must be risky
In Symantec's view, of course, this is a risk: By working from mobile devices over the holidays, employees will cause harm, letting untold evil into the corporate systems. I guess we'll all have to carry our work laptops to Christmas dinner. Never mind that few laptops are as secure as mobile devices. Businesses that insist mobile devices have on-device encryption often don't require laptops have the same level of protection, even though laptops typically have much more sensitive data on them. Or maybe we'll all actually not work on the holidays. (Fat chance, I know.)
As off-putting as I find the security vendors' glee in casting doubts about anything good, there are of course security risks in mobile, as there are with everything. The issue is what are those risks.
Thus, I asked Symantec mobile product manager Khoi Nguyen what are the actual threats and their prevalence. I came away unconvinced there are serious mobile security risks from the stuff that Symantec wants to sell products for: malware. There simply is little of it, perhaps because of the fragmentation of mobile platforms and the fact that organized crime is finding richer, easier pickings from Windows users to be bothered (yet) to go after mobile users.
It's also ironic that Symantec offers endpoint security software for just two essentially dead mobile platforms: Windows Mobile and Nokia Symbian. Apple won't allow such security software, one industry analyst tells me, but if the threat is so significant, it's surprising that Symantec doesn't have an offering for BlackBerry or Android devices -- especially Android, whose app store is unmanaged and could be a swamp of malware masquerading as legitimate apps. Oh, wait -- Symantec is working on an Android product.