Mobile systems may soon encounter the same threats already seen on laptops and desktops, a panelist said last week at SC World Congress in New York.
The main problem right now are the hundreds of thousands of applications in the various mobile marketplaces, said professor Mustaque Ahamad, director of the Georgia Tech Information Security Center.
"It is a problem because they are not all good," he said. "It is even difficult to say what is 'good' or 'bad' code."
Not enough due diligence and analysis is being done on these apps to determine how safe they are, Ahamad said. Further, security is not a consideration from the beginning.
"If there is something interesting on the device, the bad guys will find a way to attack it," he said.
Another panelist, Robert Smith, founder and CTO of M.A.D. Partners, a smartphone security firm, offered up an even more alarming scenario, saying that because of its computing power, "the iPhone is beyond the most dangerous device in the enterprise today."
The App Store, through which Apple sells apps, may end up being a huge distributor of malware, he added. The reason, he said, was because the company doesn't conduct source code review of prospective apps.
"How could there be with a quarter million apps?" Smith said.
Apple, for its part, recently released a fresh set of guidelines for app developers wanting inclusion in the App Store.
But the problem of mobile maliciousness promises to persist. Thanks to the so-called consumerization of IT, there are no more boundaries, said Patricia Titus, vice president and CISO at Unisys, an IT company
There are processes to deal with the evolution, she said. Vendors offer technologies that can be overlayed on top of mobile operating systems.
In addition, acceptable-use policies can be updated to be more easily understood by employees.
"We've never addressed the challenge of educating users about what's acceptable," she said.
Technology that takes responsibility out of consumers' hands would also help, TItus said.