The number of smart phones protected by advanced security software will increase fivefold over the next five years as IT departments seek out mobile device management services to deal with functionality that is more and more like that of the desktop, according to a recent report from ABI Research.
While smart phones are increasingly mimicking desktops, IT departments don’t have the explicit security policies in place for smart phones as they do for laptops, said Stan Schatt, vice-president with Oyster Bay, New York-based ABI Research. “There is almost nothing for their smart phones,” he said.
But smart phone security is not something that IT departments necessarily want to manage by themselves, said Schatt, who has observed mobile operators and security companies getting into the mobile device management service arena. The service would be such that the IT department would pay a certain amount per employee with a smart phone. The security client software would be loaded on the device and services like remote handset locking or data wiping would be at the IT department’s disposal.
Just as in the past when the PC security market exploded with the entrance of malware, and the Wi-Fi security market did the same when Wireless Encryption Protocol (WEP) was broken, Schatt said mobile device management services is a ripe market now that smart phones are being used as desktops to do things like store valuable intellectual property.
“That is an issue for companies that have senior executives who exchange a lot of sensitive information,” said Schatt.
Given that Europe embraced the smart phone long before North America did, European mobile carriers have been offering enterprise security mobile management services for some time now, said Schatt. While U.S. operators like Sprint and Verizon have recently begun to offer such a service, Schatt said he expects other mobile operators to join in on this money-making venture.
The competing mobile operators, the profit is in the value-added service that is security, said Schatt.
Simon Bransfield-Garth, CEO of Cellcrypt, a U.K.-based vendor of voice call encryption, said it’s not inconceivable that mobile operators could enter the mobile device management services arena, either selling the management software directly to the IT department or offering it software-as-a-service.
The actual handset providers themselves could get in on the game as well, as Waterloo, Ont.-based Research In Motion Ltd. already has with its BlackBerry Enterprise Server, said Bransfield-Garth.
But as for the remaining handset providers, Bransfield-Garth said IT departments would have to seek out third-party software because in the absence of offered services, “you are very much buying a phone.”
Although Bransfield-Garth thinks it is still yet to be seen how large the mobile device managed services market gets, he does acknowledge the need to protect smart phones against security threats.
Those threats, he said, occur in three ways: a stolen or lost phone holds data at rest like downloaded e-mails; malware that finds its way onto devices; and, voice call interception.
“There is a series of threats that must be managed, and as enterprises become increasingly mobile it’s necessary to put in place the enterprise security,” said Bransfield-Garth.
Follow Kathleen Lau on Twitter: @KathleenLau