Mobile World Congress (MWC) - the global shindig for everything mobile device-wise has to be seen to be believed. Attending as a panel speaker and a guest of Trend Micro I was able to take in the sights and sounds of this truly monumental show in Barcelona, Spain. I suppose one could sum it up as a combined fashion and technology show as the level of glitz and glamour was at times way over the top. Even at a time of worldwide financial issues this industry clearly has money to spend.
The high profile global nature of the event was reflected in the very obvious security presence throughout the city. Barcelona has a pretty dreadful reputation for street crime and, by all accounts, MWC is the annual honeypot that attracts criminals far and wide. Certainly anecdotally they had some success despite the valiant attempts by some victims to pursue their assailants. Major public order problems were averted but a couple of small scale, but vocal, protests against various companies in the mobile industry, student cuts and other related issues took place outside the venue and throughout the city.
So what of security vendors at the event?
Bearing in mind that MWC coincided with RSA in San Francisco, there must have been discussions within marketing groups at some companies as to which event was best to attend. The word on the street was that mobile security was taking centre stage at RSA at the same time that it was making an appearance at MWC, although nowhere near centre stage. After all, the glitz and glamour of new mobile gadgets will always overshadow security products at an event such as MWC.
In the past I had voiced my concern at the lack of attention that security, in its broadest form, was getting from the mobile industry. In my experience, network operators have historically been of the view that security, outside of their core network, was someone else's problem. With the huge uptake of smartphones and the ingrained and intimate nature of these devices in so many people's lives, ignoring security is no longer an option. To that end I have been busy working with some of these operators to examine how they can deliver a secure experience to their users such that the overall security risk is reduced through better education and the provision of technologies within the operator's network and customer estate.
Trend Micro is one organisation that is putting significant resources into the world of secure consumerisation and doing a lot of thought leadership to help customers understand this pressing problem. I face this on a daily basis when working with end user companies that have finally accepted that saying "No" to the proliferation of smartphones and tablets is no longer an option. Employees bringing their own devices to work and wanting connectivity only further complicates the issue. As a conservative security guy, my view has changed from the voice that says "No" through to the voice that says "Yes, but" and then works hard to create the governance, policies, training and technologies to support these devices but mitigate the risk, as best we can.
The discussion panel run by Trend featured some interesting statistics around mobile device security, which, in turn, led to an interesting debate trying to decide what is the most secure smartphone operating system. I was on the side of BlackBerry, but it was a close call as my research into Windows Phone has led to an increase in my own confidence in that platform. Of course it has a minute market share and, therefore, hasn't attracted the attention of hackers to the extent that Google Android has. How well it survives any onslaught only time will tell, but with some predictions showing Windows Phone having a 15% market share within the next few years we will soon see.
We have only started to understand the issues around consumerisation and bring your own device (BYOD), but the sooner we get our heads around this important issue the sooner we can protect our users, data and intellectual property.
On a side note, and not a security issue, Nokia were proudly showing their new 41-megapixel smartphone called the 808 Pureview. This reportedly offers enhanced low-light performance as well as clever image compression. Sounds great, until you realise that it has been released on the Symbian operating system rather than Windows Phone 7.5. Despite asking around I can't get a sensible answer why this has been released on an operating system that is all but dead, except for some low end super cheap models designed to build market share.
Was it in a rush to get something, anything, perceived to be cool to market?
Anyone else know?