Mobile security awareness still lacking

Paid and even free versions of mobile security software have proliferated the market in recent years, but industry observers note that consumer adoption is still lacking in the face of a steady growth in threats targeting the mobile platform.

Citing a survey conducted in 2008, F-Secure's senior security response manager Chia Wing Fei said in an e-mail that 86 percent of respondents then did not have security software installed on their handsets.

"Although, we still see a steady growth of mobile malware over the past two years, the awareness of protecting the mobile phone and the sensitive data that is stored on it hasn't changed too much."

On top of that, users who may have sensitive information stored on their phone, such as e-mail, business contacts and pictures, sometimes fail to password protect their handset even though this feature is built into most phones today, said Chia.

According to Judy Wu, security software research manager at IDC Asia-Pacific's domain research group, mobile security tools have been available for many years, but adoption remains "very low" as there have been few mobile threats.

"There is no urgent demand for [mobile security software]," she explained in an e-mail interview. "[But] as more and more mobile phones become the 'device to the Internet', the situation will change."

"When end users feel the need to protect their mobile devices and the data [residing in them], they will definitely consider mobile security solutions."

Hong Kong-based Wu added that the time appears to be ripe for vendors to start promoting their mobile security offerings compared with a few years back. This is because all mobile devices are now "exposed to the same level of threat as PCs and laptops", she pointed out.

Is free good?
More recently, two Chinese security vendors released mobile security software for users in the China market that are free of charge indefinitely. 360 offered its product in March following a beta involving over 1 million users, reported ChinaTechNews.com last month. The software is said to support handsets based on the Symbian S60 v2, v3 and v5 platforms, on which nearly 100 types of mobile phones manufactured by Nokia, Samsung and LG are based.

Following suit, Kingsoft earlier this month launched its version for the Symbian S60 and Android platforms.

A spokesperson from Kingsoft, in response to e-mail queries from ZDNet Asia, said the company has released only a local language version for mobiles in the Chinese market. Kingsoft is "still not sure" of plans for the overseas markets at this point, the spokesperson added.

360 declined comment for the story.

IDC's Wu pointed out that most free mobile security products "provide complete antimalware functionalities and are good enough" for baseline protection. Opting for a free model, she added, is not uncommon as vendors are looking to quickly build up a customer base to gain market and mind share. Once users are loyal, they can be migrated or upgraded to paid versions.

Jari Heinonen, F-Secure's Asia-Pacific vice president, acknowledged in an e-mail that offering a solution for free is a "good way of creating awareness". Giving away the entire mobile security product or part of it, he said, "is an option" for F-Secure, although the company has only paid versions for now.

On the other hand, there is no protection for platforms such as the iPhone OS, even if users crave it. And there have been attacks on Apple's mobile platform, such as the Ikee worm incident last November, which was followed by another exploit.

F-Secure's Chia said another obstacle getting in the way of securing iPhones against malware is that the platform does not allow multitasking, making it difficult to offer real-time protection. That may quickly change with the impending release of iPhone 4.0, he said.

Globally, the number of corporate mobile devices with security software installed is expected to grow over the next four years, according to a Juniper Research statement released in January. However, by 2014, less than 20 percent of handsets are expected to be protected.