Businesses warned to protect against growing mobile security threats

mobile phone security

Apple and Google's software may be proving attractive propositions on mobile devices for business users and consumers alike, but inbuilt security may not be good enough for corporate use.

So claims Symantec, which has released a whitepaper analysing Apple iOS and Google Android mobile and their suitability as a tool for businesses.

The security specialist agrees that such mobile operating systems were built with security in mind, but argues that it may not be hefty enough to protect sensitive and important business data residing on phones and other similar devices.

"Today's mobile devices are a mixed bag when it comes to security," said Carey Nachenberg, a fellow and chief architect at Symantec's Security Technology and Response arm.

"Employees are increasingly using unmanaged, personal devices to access sensitive enterprise resources, and then connecting these devices to third-party services outside of the governance of the enterprise, potentially exposing key assets to attackers."

Mobile security is still advanced in comparison to that of the desktop PC, Symantec said, adding there were still "major gaps" and that both form factors are still vulnerable to many types of attack.

Symantec praised iOS in particular for being well protected against what it described as "traditional malware" due to Apple's app and developer certification processes. In the same vein the analysis was critical of Google's more open approach to Android.

"Google has opted for a less rigorous certification model, permitting any software developer to create and release apps anonymously, without inspection. This lack of certification has arguably led to today's increasing volume of Android-specific malware," Symantec said.

The report said jailbroken devices were just as vulnerable as desktop PCs.