Tablets, Mobile Malware Heighten BYOD Security Concerns

If you’ve got BYOD smartphones — it’s a good bet you do — then you’ve got a big security problem that’s only going to get worse with the emergence of BYOD tablets.

In a Lookout-commissioned Forrester survey of 213 U.S. IT managers released today, three out of five respondents reported a lost or stolen smartphone within the last year, while two out of five reported a lost or stolen tablet. Twenty-six percent of respondents said their organization had data loss or leakage on a smartphone, and 23 percent said they had data loss or leakage on a tablet.

[Related: How CIOs Can Navigate Treacherous BYOD Waters]

Ninety percent of respondents support BYOD activity, mostly smartphone use, but BYOD tablets are on the rise. One in five respondents reported supporting BYOD tablets today. As tablet penetration grows among consumers, Forrester expects BYOD tablets to track along with it.

Losing a BYOD smartphone is risky business given sensitive data that could end up on it, but imagine losing a BYOD tablet. The amount and type of corporate data finding its way onto a powerful tablet, basically a working laptop, compared to a smartphone increases the exposure risk exponentially.

[ Related: The Consumerization of IT and BYOD Guide ]

BYOD’s security problem also hasn’t escaped the watchful eyes of malware writers. Whether tablets or smartphones, the common denominator is that employees use this mobile device for both work and personal activities. This means that a security threat can hit a company by coming through the oft-absent-minded doors of an employee’s personal use.

[Related: BYOD’s Battle Royale Pits IT vs. Employee]

Case-in-point: Earlier this month, Lookout identified MaClickFraud, a Trojan added to games and other apps. “This Trojan can enable a broad range of click fraud activities, from faking search terms in order to boost the ranking of a targeted website, to gaming incentivized download networks or other ad networks in order to make an ad publisher appear to have more traffic than they actually do,” writes John Gamble, product marketing manager at Lookout, in a blog post.

This week, Lookout came out with an app and service aimed at businesses to secure mobile devices from threats, data loss and device loss. It gives IT managers the capability to remotely locate, lock and wipe devices, scan every downloaded app and website for malware, and sends signal flares that identify a device’s location when the battery is nearly exhausted.

Lookout for business starts at $5 per device, per month. The big drawback is that it’s only available for Android. Support for iOS will follow at the beginning of next year, Lookout says.

Tom Kaneshige covers Apple, BYOD and Consumerization of IT for CIO.com. Follow Tom on Twitter @kaneshige. Follow everything from CIO.com on Twitter @CIOonline, Facebook, Google + and LinkedIn. Email Tom at tkaneshige@cio.com