Mobile device security
Analyst Coverage: Nigel Stanley
Mobile device security is the provision of technology and supporting governance to secure data on smartphones, tablets and other mobile devices.
Mobile device security encompasses Bring Your Own Device (BYOD) which is the current trend for allowing users to bring their own mobile devices to work and connect them to corporate assets.
The rise of mobile devices such as the smartphone over the past few years has been a technology success story. An almost perfect storm of advancing materials science, chip set development, software innovation and social networking has fuelled the progress in device design and capability beyond that which could be imagined only a couple of decades ago. At the same time, smartphones have become part of the culture and employees expect to use them to facilitate business interactions. This means that almost all companies need to care about mobile device security (even if they think they’ve forbidden the use of smartphones for work) and all employees who own smartphones or other mobile devices need to be aware of the potential issues.
Having such tremendous computing power, alongside users’ private data and contacts makes a tempting target for criminals for the following reasons:
- It could be argued that the security industry has been slow in recognising the threat to such devices, so only now are we seeing products and services designed to improve smartphone security – see Bloor’s Spotlight Paper “Smartphone and mobile (cell) phone security – the new security frontier”.
- The emerging enterprise readiness of Consumer Mobile Platforms – some are more secure than others and security policies may not recognise this. What’s most secure – Blackberry, iPhone, Android or Windows Phone? See Bloor’s opinion.
On top of all their other concerns, most Chief Information Security Officers (CISO) are increasingly having to worry about a number of smartphone security issues:
- Are my smartphones going to be infected with malware?
- Is my smartphone-based data secure?
- Will my mobile voice traffic be secure?
- Can my smartphones be remotely managed?
On the Voice Data Security issue, Bloor has published an overview of cellular (mobile) phone interception here.
There is no longer a discussion about whether mobile devices should be allowed; now the conversation is around how they can be accommodated safely and securely. Ultimately the CISO is worried about risk to the business and, in particular, how this new smartphone risk can be managed whilst at the same time improving the business productivity of users .
Vendor Landscape Changes TBA