Smartphones have become sufficiently high-tech that for many people they can replace a PC or laptop. But as these new mobile devices increasingly show up on corporate networks, new security concerns arise.
Security expert Dean Coclin recently wrote about the security risks that come along with having smartphones on the enterprise network:
Where once mobile devices existed simply as a phone, they are now very intelligent data devices and are getting smarter and more robust every day…. Security professionals need to consider what steps and policies they can adopt to ensure that the applications being downloaded by employees are safe and do not wind up causing a material information breach…. The answer today is the digital signature that accompanies the application, whereby the developer digitally “signs” the application and a third party that issues the digital signature vouches for the identity of the individual…. In this way, signed applications and content can be downloaded and we know who signed it and that it has not been tampered with.
Coclin investigates the security certificate practices of some of the major mobile device companies and shows that, while some are better than others (with Google at the bottom of the list), all could use major improvements.
To further secure smartphones and the networks they access, Coclin proposes a requirement that all downloaded code be authenticated with trusted third-party-signed certificates. In addition, he suggests that mobile device companies utilize a more vigorous and comprehensive vetting process to investigate and verify all mobile application developers.
Nowhere is device security more crucial than in defense applications. The mission-critical requirements of defense settings demand a fully integrated security architecture, built from the ground up.
They chose
As the second mobile worm found in the wild for 2009,