Mobile Security Vendor Roundup
While security threats in the computer world have been well documented, the mobile arena has developed into a new ‘front’ in the war against viruses, malware and the like. marcia mcleod checks out the latest offerings from several security vendors.
TREND MICRO
TREND MICRO’s Mobile Security 3.0, designed for smartphones and other mobile devices, adds a firewall and intrusion detector, as well as a simplified user interface. Improved support will be offered from next year.
So far, Mobile Security 3.0, which was launched on 1 November, is available only for Windows Mobile 5 because, says Todd Thiemann, director device security, “Windows Mobile has been on the market longer” than any of its rivals. Symbian 9.1 will be supported from next year, but users of older versions of either operating system will have to make do with Mobile Security 2.0.
The new version of Trend’s security product is currently being tested with a major, but unnamed, telecoms company in Taiwan, as well as both corporate and domestic users. The product is available as a download on a free 30-day trial, after which the user is billed US$34.99 per device per year.
“According to Gartner, the smartphone market is expected to jump by 66% to 81m by the end of the year,” says Thiemann. “Next year, smartphones are expected to account for 12% of total wireless device shipments.
“Handset manufacturers are worried about their warranty returns for infected devices and consequent damage to reputation; mobile operators are worried about their reputation, customer churn, and lost billable minutes caused by interrupted service due to denial of service attacks. Security is paramount.”
FORESCOUT
FORESCOUT treats security very seriously. Its Network Asset Control product, CounterAct, protects all devices attached to a network, including those based on VoIP, by detecting and blocking self-propagating threats.
“Companies want to know who’s connecting to their networks, if the person is compliant with the corporate security policies and if they are introducing a worm into the network,” emphasises Ray Wizbowski, VP marketing.
“CounterAct 6.0, which came out in October, ‘sniffs’ everything that comes through the device to see if it is legitimate or not and acts accordingly.”
ForeScout tailors its products so the user obtains the appropriate response to each violation or potential violation. It can simply send an alert to the network administrator stating that the device’s owner is not working in line with the company’s security procedure or, for a serious threat, it can actually block access for a particular device.
“Application termination, added with version 6.0 at the request of the US government, gives much greater control over high risk applications,” Wizbowski adds. “It identifies which applications are running on an affected device, stops one, if necessary, and notifies both the user and his or her boss.
“For example, Skype takes up a huge amount of bandwidth and introduces a new vulnerability. If an employee begins using Skype on their mobile device against the company’s wishes, CounterAct can turn
it off.”
McAfee
MCAFEE’s Mobile Security product first came out in early 2004, covering all mobile devices, including smartphones. According to mobile security product marketing manager, Jan Volske, the greatest demand is from the carrier, as carriers have the greatest aggregated risk, followed by direct suppliers such as handset manufacturers.
Mobile security, for McAfee, consists of three main areas: risk assessment, recovery, and blocking products. Risk assessment helps a customer look at the potential threats and where the greatest risk is coming from – e.g. is there a bigger problem in one country or from one type of threat. Mobile mailware, for example, is causing a lot of trouble at the moment.
Recovery helps carriers get their services up and running again, while blocking products can stop viruses, spam or a specific application.
“Most of this has been available for a couple of years,” says Volske, “but it is only in the last few months that we have seen much interest from the carrier.
F-SECURE
F-SECURE started its mobile security suite in 2000, working with ISPs. Most ISPs that rely on a partner use F Secure, claims vp mobile security Antti Vihavainen, co-branding the security software or embedding it under their name. F-Secure is also moving towards a corporate product, similar to the desktop security suite.
F-Secure Mobile Security, incorporating a firewall, came out last year ; before that, the product was known as F-Secure Mobile Anti-Virus, and did not have a firewall.
“We were the first to offer a firewell and anti-virus software to Nokia’s third edition devices, the E and N servers, which came out this year,” says Vihavainen. “We also support Panasonic, but Nokia accounts for 70% of Europe’s devices at present.”
Functionality, such as anti-spyware and parental control, will be added over the next few months to match the security levels of the PC. Wider support of the E and N series devices from Nokia and other manufacturers will also be provided, as will support for Windows Mobile.
“We hope to introduce security for Windows Mobile in a relatively short time, before it is really needed,” says Vihavainen. “The market is being driven by demand from enterprise customers with all-encompassing security guidelines which need to make sure the entire network is secure, but there is also demand from the mobile operators who need to mitigate the threat before it happens, to protect their customers and their reputation.”
Symantec
SYMANTEC believes the threat to security is greatest on mobile devices. “The threat against the PC is fairly static,” says Paul Miller, md of Symantec’s mobile security division. “New types of threat attack the mobile device.
“Smartphones are growing at 77% per annum and viruses double every six months. There are 235 out there today for the mobile – and while this compares to 600 for the PC, mobile devices are much easier to lose than a desktop, putting data at greater risk.”
And yet, says Miller, only 25% of companies responding to a recent survey were even thinking about security for their mobile devices.
Symantec protects against what it calls pranking4profit and snoopware. Pranking4profit involves criminals accessing mobile devices for financial gain – a change from the traditional hacker, who does it because he can. “Premium SMS attacks can drain a user’s bank account,” warns Miller.
Snoopware “puts a stranger in your bedroom and a competitor in your boardroom” by accessing personal data. And by activating a microphone in the phone, it allows snoopers to determine the date of a meeting and listen in to proceedings.
Next year, Symantec will turn its attention to loss mitigation. Although it has not released exact details of its plans, it is likely to include data encryption or ‘wipe and kill’, which enables a company or individual to remove data from a mislaid device.
NOKIA
NOKIA launched its Intrusion Prevention with Sourcefire, an enterprise security solution combining intrusion prevention with vulnerability analysis and network behaviour analysis, in November. This follows Nokia’s arrangements to offer Sourcefire’s Intrusion Prevention Service, announced in August.
The software inspects incoming traffic for known and unknown irregularities, blocks traffic or replaces malicious code with benign code based on pre-defined security policies; monitors the network and profiles the network to detect threats; and identifies long-term security trends.
“The market underestimated the growth of mobile,” says Jay Burrell, vp business development enterprise solutions. “The European mobile market is worth US$813m. Sixty-five per cent of enterprises will have wireless applications by 2007/8 and 80% of smartphones will have email capability by 2008.
“Companies need a mobile security strategy – but we see the development of more customised applications for specific verticals, such as health care, construction, field service, parcel delivery, and manufacturing. Middleware will grow, too.
“IT departments have to consider the use of mobile phones by employees. Will every new recruit be given a corporate mobile phone, like they are given a laptop, to avoid the risk of security breaches from privately-owned devices? And how will they back it all up?”
STILL SECURE
STILL SECURE recently integrated its Safe Access and Strata Guard products to provide both pre- and post-connect protection to mobile users and network operators.
“The mobile workforce is not going to go away. It is a force that needs to be dealt with from a security point of view,” says Alan Shimel, chief strategy officer.
Safe Access checks that any person trying to log onto a network with a mobile device meets the enterprise’s network access policy for that type of user. This could vary according to whether the person is a home worker using corporate-owned equipment, a home worker relying on their own equipment, a person with a smartphone and so on.
“As the person logs on, Safe Access can limit the access privileges based on who that person is,” Shimel says.
“It makes sure the mobile user is not introducing anything malicious into the network, while at the same time protecting the mobile user from anything malicious already on the network that might infect their device.”
Strata Guard provides protection after the person has already logged on to the network by monitoring traffic to see if there is anything malicious or potentially damaging on the device and, if necessary, drop the device from the network immediately, block the device from certain parts of the network, refer the user back to Safe Access or quarantine the user to ensure access is allowed only to specific areas of the system
