WASHINGTON, D.C. -- Reports of new viruses and other malicious code targeting smart phones and other personal digital assistants are almost commonplace, but an attack that causes business interruption and costs more than AV protection will not occur before the end of 2006.
"When all these factors come together, an attack could be more realistic," Gartner Vice President John Pescatore told a crowd of attendees. "In 2007 we'll begin to see incidents that cause damage."
Without these three factors, analysts say mobile malware can have only an isolated impact; they recommend that organization avoid purchasing expensive point solutions until these factors come together. Instead, organizations should use AV on PDAs used for critical business processes and require PDA security vendors to include boot-up protection and personal firewall capabilities along with AV support.
Begin by analyzing existing security policies to discover holes affecting mobile devices and ask wireless service providers to document existing and planned capabilities for blocking mobile malware in the network. If they don't offer in-the-cloud mobile malware protection by the end of 2006, negotiate with desktop host-based security providers for a low-cost extension for mobile devices.
But that's just one of the five most over-hyped threats, according to the Gartner Group. Analyst Lawrence Orans said IP telephony is another area where you should "forge ahead if it makes good business sense for your enterprise."
Though it can be the victim of denial-of-service attacks or of an unpatched operating system vulnerability, preventive measures are similar to those for best practices in both converged and data-only environments. Orans said the most over-hyped threat is eavesdropping, which is unlikely because it requires LAN-based access and can be "easily highlighted by monitoring LAN traffic for anomalous behavior." Orans recommends that security managers apply the same guidelines for encrypting voice traffic as they do for data.
Another hype point is that a "Warhol" worm will bring the Internet to its knees. Gartner analysts say "the Internet will meet performance and security requirements for all business-to-consumer traffic, 70% of business-to-business traffic and more than half of corporate WAN traffic through 2007."
A great deal of hype also surrounds the idea that regulatory compliance equals security. Not true, said Pescatore, who believes that regulations very rarely focus on the real issues at the heart of security problems and simply lead to over-reporting.
"Investing in compliance over security controls is security bulimia," Pescatore said. "We're vomiting out results but we're weaker when we're done." He suggests focusing on regulatory pressure to improve security processes rather than buying security products.
Gartner said that through the end of year 2007, 80% of compliance spending will result in no measurable increase in security.
Lastly, there's the threat of the Evil Twin to wireless hot spots. Evil Twins pose as legitimate hotspots that allow users to connect to unauthorized access points that overpower real hotspots, leaving themselves open to attack. The analysts said uneducated consumers are the most likely victim here, but enterprises can equip and educate their road warriors with the tools and knowledge to mitigate these threats.
Security measures organizations should incorporate for mobile workers include: