Will Corporations Put 'Smart Phone' Deployments on Hold as Virus Worries Increase?

Although most companies are still reluctant to adopt so-called ‘smartphones’ as the voice and data communications weapon of choice in their productivity tool arsenal, there are some pretty strong signals that sentiments may be shifting – especially as phones and network infrastructures become more capable. There are also a few roadblocks ahead that may delay acceptance, and even tilt the balance against enterprise adoption.

First, the positive news: Analysts predict that sales of smartphone devices – which combine the elements of a traditional cell phone with the capabilities of a personal digital assistant (PDA), full Web browser and two-way interactive messaging system – will grow from a paltry 20 million phones shipped this year to well over 170 million units per year by 2010. The wireless infrastructure is also growing at an incredible clip, with an estimated 1,000 wireless mobile operators worldwide by the end of last year, and a total subscriber base that should grow from about 1.7 billion worldwide to more than 2.4 billion by 2010 (by comparison, the installed based of non-voice PDAs is expected to reach 300 million by 2010).

Next-generation phones are also being developed that not only offer larger viewing screens, but are equipped with multiple antennae and communications capabilities that mix wide are wireless with 802.11 WiFi and even built-in radio frequency ID (RFID) capabilities. This means you can not only use your cell phone as a local and far-reaching communications device, but can use it to pay for gas or groceries by waving it in front of an RFID reader.

Phones that are equipped with such technologies and personal ID software can also be used to automatically authenticate users and track their whereabouts within an organization, or a city for that matter if you are embraced by a metro wireless network or traveling within a wireless mesh network.

Many executives would gladly give up their Research in Motion Blackberry, traditional cell phone and portable computer in favor of a device that combined the capabilities of all three in a neat little package. In fact, there are a number of devices available that do just that, including PalmOne’s Treo (that will soon be available with a Microsoft OS) [PalmOne Inc. (Nasdaq: PLMO)], the Nokia 9300 and Series 60 phones [Nokia Corp. (NYSE: NOK)], and a Palm OS all-in-one device just released by LG Electronics Inc. (London: LGLD; Korea: 6657.KS) .

All of these devices are quite capable and could easily replace a pocketful of targeted-application systems, making life a lot easier for road warriors and less stressful for administrators charged with tracking and supporting multiple tools. Unfortunately, a lot of companies may decide against cell-based multi-function phones because of the very reasons why they are so special.

While a smartphone’s ability to juggle multiple networks, manage various streams of email and messaging, and zip in and out of the Internet make it a handy tool, it is these same abilities that also make them prime targets for hackers and virus infections – more so than your average PC since they are usually switched on all the time and provide an effective gateway into corporate networks sine they frequently exchange information with servers and other smartphone devices. What’s worse is that up to 90% of these installed smartphone devices lack any kind of protection that would limit the potential for a security breach or all-out virus attack.

Web-enabled smartphone are not only vulnerable to the same types of attacks that plague your average PC – such as programming viruses, self-replicating worms and innocent-looking Trojan horses – but, they are also susceptible to a host of micro-programming device-based viruses, such as the CommWarrior.A (which surfaced earlier this year, targets Symbian OS phones, and spreads like wildfire through MMS messages). There is also the Cabir virus, which began as a ‘proof of concept’ within the labs of a handful of handset manufacturers and is now spreading by hopping through Bluetooth connections.

An even more sinister scenario involves spreading malicious code through "pattern files", which masquerade as software upgrades and synchronization user interfaces. These can be especially dangerous since most mobile devices are routinely upgraded through over-the-air (OTA) programming, and viruses that are inserted within this programming can easily infect tens of thousands of mobile systems within a single corporation.

At least four wireless carriers outside the U.S. now offer mobile virus protection software from software security companies like F-Secure Corp. and McAfee Inc. (NYSE: MFE), although in most cases it is offered as a premium service for an additional fee. Both companies, as well as competitors like Symantec, Inc., Trend Micro and Panda Software, have their sites set on the U.S. market as demand slowly picks up for Web-enabled phones. Recently, Nokia Corp. announced that it equip its Series 60 smartphones with the Symantec Mobile Security anti-virus software [Symantec Corp. (Nasdaq: SYMC)], of example.

However, it will take more than this to convince corporations that mobile smartphones are a safe and trusted investment, especially as devices packed with RFID and machine-to-machine (M2M) conversing capabilities create a Pandora’s Box situation that could have a very nasty impact on a company’s supply chain dynamics.

Sign In