The Devil Wears Prada-Part 2: Risk-o-Meter

CIOL Bureau
Updated On
New Update


INDIA: SO why this song and dance about security risks going notches higher if employees want to swagger in with their own technology pets? Ain’t the current dykes of Information security strong enough to handle the flood? Or would the proverbial finger in a dyke’s hole help this time?

To the first question, the answer, from the lens of security providers, some research miners and some experts, for now, is almost an affirmative, in consensus.

A decentralised,  and mobile  workforce and IT environment is prone to greater risks as compared to a centralised and regulated environment, warns Sandeep Godbole, Member, ISACA India Task Force. “It is expected that by 2013 mobile phones would replace the PC as the most common web access device worldwide. Absence or omission of these new form factors would thus undoubtedly impact an enterprise adversely. 'Portability' - the greatest benefit provided by mobile devices is also its biggest vulnerability.”


The second annual IT Risk/Reward Barometer survey by Global IT association ISACA signals this drift. It clearly underlines that risks from mobile devices has been a prominent point. More than 90 per cent of Indian IT leaders believe that mobile devices, whether employer-provided or personal, pose a risk to enterprises. More than 50 per cent say that their enterprises have put policies and systems in place to mitigate the risk of mobile devices use.

In another report- McAfee Threats Report, it is indicated that malware no longer affects just PCs. As Android devices have grown in popularity, the platform solidified its spot as the second most popular environment for mobile malware behind Symbian OS during the first three months of the year.

The researcher Lompolo found a series of Android applications carrying backdoor Trojans in the Android Market, and with the estimated download rate of tens of thousands to the hundreds of thousands, the number of users who could be affected is significant.


In Q1 2011 McAfee Labs found that the most prominent types of Android mobile malware were Android/DrdDream, Android/Drad, Adnroid/StemySCR.A and AndroidBgyoulu, which affected everything from games to apps to SMS data.

Ambarish Deshpande, Director, Sales, India, McAfee feels that yesteryears’ network or perimeter level security won’t suffice anymore. “Because data is scattered everywhere with the new devices.”

That’s not all.

Compliance is another concern. And the very fact that applications would do a 360 degree spin in the new smart phone universe can just not be ignored.


There would be myriad new applications, and users would want to download and enjoy them, irrespective of strong security and policy issues for a CIO’s office. Plus, they just won’t orient in sync to the long five-to-six year of IT cycle planning an enterprise is used to. Today on, apps change like spring fall couture.

The impact of the media tablet in the eyes of the public is much greater than would be believed from the number of units shipped. Gartner expects media tablet shipments to be approximately 69 million in 2011, which is only a small fraction of the total number of application-capable mobile devices, such as smart phones. Yet already the impact of the device on other forms of computing is great.

Media tablets are presenting a variety of new opportunities for businesses, but they are also requiring a new set of policies, technologies and skills for enterprises, according to Gartner, Inc.

As a survey done by Frost & Sullivan with CIOs across industries reveals, 65 percent of the respondents believe that risks associated with Data Security are causing major disquiet in today's IT environment, followed by spyware, virus, worms, and trojan horses. Network and content security, followed by data security, were expressed as the topmost priorities for CIOs in security management this year.

Whether it is monster in imagination or a real risk, either ways, it is a Catch 22 spot for the poor soul called CIO. The next segment of this series takes us into those very treacherous lanes IT men would be forced to navigate now. Keep reading.