Job 1: Protect Mobile Data, Not Hardware - 'ZIFFPAGE TITLESecurity Options '

Security Options

The corporate Catch-22 of mobile devices is that as they have gotten more sophisticated Internet and e-mail capabilities, oversight responsibility has typically defaulted from the communications department to information-technology professionals. The I.T. department, in turn, has often balked at taking on this responsibility because it wants the same security and management capabilities and privacy policies that are in place on desktop computers, according to Marc Camm, vice president of smart-phone solutions at CA.

However, as Drew Carter, mobile product manager at McAfee, notes, many of the devices have been introduced piecemeal:

"A business unit might decide that 100 top executives get the device, or a warehouse, or a specific line-of-business function—with nothing associated with an overall security policy." Thus, many organizations now have a mix of rogue devices and mobile operating systems.

But at least there are several security options for I.T. managers looking to lock down the devices they know about.

Besides McAfee and Symantec, which recently introduced mobile antivirus software and strategies, CA, Microsoft and other vendors have packages in the pipeline. Market researcher IDC charts the smart-phone security software market to grow 70% annually to $1 billion by 2008, up sharply from $70 million in 2003.

Still, banker Graham and most other I.T. execs remain vigilant and worried, pointing to the device manufacturers' current promotions of phones being used as credit cards at vending machines. "We're moving in the direction of wireless devices and your personal identity merging," Graham says. "Once you've got that financial information on wireless devices, people are going to be looking for a way to get into it."

And warns another chief information security officer, referring to manufacturers' TV ads: "Do you want a Coke machine responsible for your personal identity and security?"