BANGALORE, INDIA:  Android is news for the wrong reasons. Recently, several mobile phone applications were recently pulled down from the Official Android Market after they were found infected with malware. It is estimated that the infection may be widespread and personal data on the Android phones have been compromised.

CIOL's Sharath Kumar caught-up with Oliver Tavakoli, Chief Technology Officer for Juniper's Device and Network Services Group to dig deep into the causes behind the widespread attack on Android platform and security measures  that needs to be adopted. Here are excerpts:
                                                                                                                 
Q: What makes Android phones a hot target of hackers?

A: It's not that Google doesn't have enough security in place. Business model of Android is different from that of other players like Apple or BlackBerry.

Also read: Removing DroidDream malware 

An non-jail broken iPhone can only go to Apple Store but Android users can download applications from multiple sources and this brings the security into question.

Q: With mobile devices invading workplaces what the security challenges they bringing?

A: Attackers have always chose the weakest points that have high value to attack. Today, we have hundreds of applications sitting on the phone and you don't now what a  particular application is doing at the back ground. The worst thing about attacks on smart phone is that you may not know about it for a long time.

Android malware: Your banking details may be targeted

Most of mobile phone first do not have proper security in place.  Earlier enterprises used to provide employees with mobile devices for office communication with some control on security. But nowadays enterprises are allowing employees to use any phones. This further complicated the security of data.

Q: Are their more attacks on Android platform because of their popularity?

A: Any attack specific to a particular platform can give a limited success. Attacks on mobile platforms cannot give '95 per cent' success because it is fractured landscape. So it works against the attackers who want to make the maximum from any attack.

Q: How do you rate the performance of mobile security solutions compared to desktop security solutions?

A: There is a classic difference between mobile derives and desktop top PCs. Many of the end -point security providers have ventured to mobile security with the traditional anti-virus and signature based approaches. The rate at which people  use smart phones for accessing the Internet is higher than from the laptops. So security solutions for mobile gadgets is crucial.

Also read: Malware infection forces Android to pull-down applications

Smartphones needs security solutions that are capable remote device management. It should allow one to perform functions like remote locking, mobile back-up and remote data wiping capability. That is not  what the typical  end-point security companies have done.

Challenge is to take complexity out the system. A virus scan on desktop PC can slowdown the system but the same cannot allowed to happen on a smart phones. Challenge is the make the solution intelligent enough.

5. As you mentioned their are multi-vendors today. What security challenges does it bring for IT administrators?

A: Apple doesn't have console where you can make device management but BlackBerry and few others do offer it. It will be different for enterprises to have different security solutions and train people on them.

So bringing a mulit-vendor solution is  important. Any solution should make it easy for the administrator and end user to manage devices irrespective of device vendor.

Most companies do not even know which devices are running on their network and what they will be doing. Security companies need to help enterprises to define a policy. Defenses should be simple and easy to use and also allow easy control over the devices.