Uncertainty about how to secure mobile phones in the face of increasing threats is slowing enterprise adoption of mobile applications, experts exhibiting at the 3GSM World Congress in Barcelona this week said.More than\u00a0two-thirds of mobile operators in Europe that took part in a survey said they detected more than 100 incidents involving mobile viruses or mobile spyware in 2006, according to a study conducted by Informa for security software developer McAfee. The number of European operators reporting more than 1,000 such incidents more than doubled in 2006 compared to the previous year, the report said.IT administrators, uncertain how to protect their users from such attacks, are unwilling to enable mobile access to applications for workers. "Enterprise security professionals haven\u2019t really worked this out yet," said Lorcan Burke, CEO of AdaptiveMobile. Companies such as banks, with strict security requirements, simply block access to any service, including the Internet, that could open doors to security problems, he said. At the recent RSA Conference in San Francisco, some of the most crowded events were those tackling mobile security issues, said Simeon Coney, vice president of marketing for AdaptiveMobile. That was an indication that IT administrators are trying to find out how serious mobile security problems are and how to address them, he said.Mobile services can be secured in the application, the network, or in hardware or software on the device. Among operators responding to the McAfee study, most found that virus protection was most important at application and device levels, although more of them had deployed network-level security systems than the other options.\u00a0More than\u00a0200 respondents from the operator community took part in the study. AdaptiveMobile makes network-level security products for operators, including a system for filtering viruses in e-mail, short-message service, multimedia messaging service and wireless application protocol traffic. Beyond viruses, AdaptiveMobile can control content, so it can stop phishing and other fraudulent attacks, or limit the types of content end users can access. If an operator has deployed AdaptiveMobile\u2019s platform, an IT administrator in a company can set and manage such controls down to the level of individual users. For the mass market, AdaptiveMobile\u2019s product allows operators to notify users by text message if their phone becomes infected with a virus and offer a download, either for free or for a fee, to disinfect the device. Without such software, operators will replace a user\u2019s device or ask\u00a0the user\u00a0to send it off for disinfection, both costly propositions.A network-based security mechanism offers some advantages over antivirus software that sits on the handset, Burke said. Handset software doesn\u2019t prevent phishing and other nonviral scams. In addition, antivirus software isn\u2019t compatible with all phones, making it logistically difficult for the software developers to tweak their products for each version of every phone and make sure to sell the proper software to end users.Burke\u00a0calls antivirus software on the handset "the minimum acceptable response. It\u2019s a tick in the box to make people feel comfortable." Some developers also sell security mechanisms that sit in the phone\u2019s hardware. Such solutions are ideal for organizations with very strict security requirements, such as governments, Burke said. One downside to the hardware-based solutions is that they take about two years to make it into a handset, he noted.-Nancy Gohring, IDG News Service (Dublin Bureau)Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.