Virtualisation, mobile devices pose largest security risks: Symantec

Security industry leaders weigh in on 2011 security trends

Maintaining secure virtualisation practices and improving the security of mobile devices will be top-of-mind for IT leaders in 2011, local security industry leaders have claimed.

Symantec ANZ managing director, Craig Scroggie, said that while virtualisation has been dominated by servers in the past, the move towards production data centres has increased certain security risks.

“The risk is significantly higher with this [type of] virtualisation because the validity of the data becomes a major question for you in the event that your virtualised environment becomes compromised,” he said.

There is also the risk of security threats spreading to virtualised desktops and applications, Scroggie said.

Scroggie said the release of 22 tablet devices in 2010 resulted in more mobile security threats arising, and that this risk will continue into 2011.

“Basically everything mobile, whether it is an iPad or a smart phone, can be compromised. If you lose the device where is that information going? This raises the question of what happens if the phone isn't locked,” he said.

Through its acquisition of US internet infrastructure services company Verisign in October last year, Symantec developed a technology that enables people to use their mobile device as a form of online identity.

“For example, if you use internet banking and log on using your phone as a registered device with a certificate we will be able to authenticate you with the banking application,” said Scroggie.

McAfee Asia Pacific chief technology officer, Michael Sentonas, agreed that mobile security will be an issue in 2011, but said that overall, threats on mobile devices have been few and far between, with jailbreaking on the iPhone and the arrival of the Zeus hack making up the key mobile threats of last year.

“The widespread adoption of mobile devices in business environments, combined with historically fragile cellular infrastructure and slow strides toward encryption means that 2011 will bring a rapid escalation of attacks and threats to mobile devices, putting user and corporate data at very high risk,” Sentonas said.

Sentonas added that while social networking sites such as Twitter have created a movement toward instant communication, such sites have also created security risks.

“Of the social media sites that will be most riddled with cyber criminal activity, McAfee Labs expects those with URL shortening services will be at the forefront,” he said.

Sentonas said this is because the use of abbreviated URLs on sites like Twitter makes it easy for cybercriminals to mask and direct users to malicious websites.

“With more than 3000 shortened URLs being generated per minute, we expect to see a growing number used for spam, scamming and other malicious purposes,” said Sentonas.

AVG security evangelist, Lloyd Borrett, agreed that mobility was a number one target for hackers.

“They’re becoming more important because mobile phones are less secure. Users tend to be more careless about security measures on phones and if you’re doing something such as mobile banking using a public wi-fi connection, there is a greater risk of compromise.”

Borrett said that compromised employees can also be a big security risk.

“There are many instances where employees are roped in to get details from users of the business. To some extend the Vodafone data breach is about that and meant to be about the third parties,” he said.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the newsletter!

Error: Please check your email address.

Tags symantecBreach Securitysecuritysocial media

More about ANZ Banking GroupAVG Technologies AUMcAfee AustraliaSymantecVeriSign AustraliaVodafone

Show Comments

Market Place