Smartphones and other high-end wireless devices now enabling the enterprise mobility revolution may pose significant security risks for enterprise telecom and IT departments that don’t take adequate measures to protect network resources, according to the latest report published by Unstrung Enterprise Insider (, a new subscription research service from Light Reading Inc. (

Mobile Malware: The Enterprise at Risk evaluates the potential impact on enterprise telecom and IT resources of mobile malware — viruses that target the operating systems driving today’s leading mobile phones and computing devices, including Research in Motion’s BlackBerry. The report identifies the potential entry points of malware programs and assesses the threat level that each potential trouble spot poses to the enterprise.

The report surveys anti-malware products and solutions available from wireless service providers, handset makers, and third-party security software companies. It also includes a set of “Insider Tips” — guidelines and procedures that enterprise telecom and IT departments should consider to minimize exposure to malware risk.

The rapid uptake of advanced wireless devices by the enterprise workforce is making malware a more serious threat to telecom and IT resources, notes Tim Kridel, research analyst for Unstrung Enterprise Insider and author of the report. “Today’s mobile OSs, such as Symbian and Microsoft Windows Mobile, are used by dozens of vendors across dozens of models, making it possible to write a single piece of malware that targets a pool of potential victims numbering in the hundreds of thousands, or even millions,” he explains.

“Malware writers are very good at identifying and exploiting all of the ways that data moves in and out of wireless devices,” Kridel says. “Viruses are routinely hidden in games that users download over the wireless network. Others are transferred via Bluetooth or downloaded when the user clicks on a link in a message. A few can enter a phone one way and exit another. Therefore it is necessary to implement anti-malware tools and policies to address all possible scenarios and points of vulnerability.”

Among the report’s key findings:

* While most mobile viruses cause minimal damage to handsets and their
stored data, the costs of lost user productivity and increased IT
support can be significant.

* Some malware can infect a handset and jump to a PC during syncing,
extending the security risk to all enterprise IT resources.

* Enterprises can’t depend on carriers or vendors to analyze threats; they
should assess products and cobble together their own solutions.

* Some mobile OSs are far more vulnerable to malware attacks than others.

Mobile Malware: The Enterprise at Risk, a 20-page report, is available as part of an annual subscription (six issues) to Unstrung Enterprise Insider, priced at $1,295. Individual reports are available for $900.