The victory march of mobile devices is a siren call to cybercriminals. According to recent surveys, the share of malware impacting smartphones and tablets rose dramatically in 2011, by as much as 140%. And yet, smartphone users appear to be particularly oblivious. A study by Steria Mummert Consulting indicates that only 38% consider data encryption a necessity for mobile devices. One in five even believe that there is no need for security measures when using mobile devices.

This is even more shocking when considering the risks engendered by malware. Inadequate or non-existent encryption allows anyone to access data – a potential catastrophe that is nonetheless frequently minimized. Even devices for purely personal use often contain valuable contact information that can be attacked and abused. Basic protections for smartphones and other devices are available in antivirus software, encryption solutions and access protection such as two-factor identification in which a component such as a smartcard or USB token is used in addition to the password.

When sensitive company data is processed on a mobile device, a means for remote data deletion in the event of an emergency should be part of the security toolkit. Using a virtual private network (VPN) for connection to the company network is also advisable, to screen this connection from other data traffic. However, this method has pitfalls if the mobile device is not free of malware.

The use of personal devices in the professional setting is a major concern, as these are difficult or impossible to integrate into the company's security approach. One possible solution is dual-SIM mobiles, which contain two SIM cards to allow clean separation of personal and professional use.

In the mobile arena as well, Managing Trust is more than the sum of its parts. Unique rules, security guidelines and centrally managed security approaches that include all devices and whose effectiveness is regularly verified are needed to ensure trust and security. Ergonomics plays a decisive role in this area as protective measures are all-too-often ignored if they are not user-friendly or are perceived as disrupting the work process.