Mobile Security Isn't Going to Just Happen

Security professionals need to get hands-on with the software that runs on mobile devices and engage with the developers who put all those apps in users' hands.

By Kenneth van Wyk
Tue, May 24, 2011

Computerworld — The future is mobile, folks. The real question is, Are you ready for it? Really ready for it?

I've spent the better part of the last six months learning and studying all I could about the iOS and Android worlds. For all sorts of reasons, I firmly believe that these platforms are going to be integral to our computing needs well into the future. The combination of hardware speed, size and availability, along with the maturity of the software, shows that the time is now.

Slideshow: Mobile Security: How Gadgets Evolved

Of course, that's no great revelation. Anyone even remotely watching the IT world would have to know that mobile devices have been having significant impact for some time now.

But what does all this have to do with security ? Well, despite the many innovations that were necessary to create our mobile world, there are many aspects of today's mobile platforms that represent significant steps backwards, at least from a security perspective. Despite their Unix-derived lineage, most of today's mobile platforms are basically single-user systems, with all the security of Windows 3. OK, Windows 95 ... but little else. (Running all iOS apps as root? Seriously, Apple ? What were you thinking?)

There's much to be done in the area of security for our mobile systems.

So, just how do we go about making mobile systems more secure? To answer that, we need first to take a brief look at how the IT security community has fared over the past few decades. Most significantly, since the explosive growth of the Internet got under way in the mid-1990s (largely due to the Web), we've been focusing our attention on applying add-ons to try to secure our systems.

We've built firewalls to put in front of our systems. We've developed intrusion detection (and "prevention") systems to watch over our systems. We've put antivirus and personal security products on our desktops and laptops. We keep on adding security products to our systems, but the problems continue to get worse every year, not better.

You see, all these add-on approaches amount to rearguard actions, with fixes applied after the fact. By any objective measure, these practices haven't done much to protect us from each novel attack that has come along.

One of the principal reasons for all these failures is that our software is broken. We use antivirus software because the operating systems have failed to protect us. We use firewalls because our applications fail to protect themselves. And so on.

1 2 3 next page »

Originally published on www.computerworld.com. Click here to read the original story.

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

You are here: Technology Topics » Mobile/Wireless » Advice & Opinion

Most Recent Mobile/Wireless Stories

White Papers »

Gartner Report on BYOD: Media Tablets and Beyond

This research assesses the impact of the growth in media tablets and other "off desktop" form factors entering IT deployments and makes recommendations on building an enterprise management plan based on industry best practices.

BYOD Policy Implementation Guide

This BYOD implementation guide from Absolute Software provides three simple steps to legally secure and manage employee-owned devices within a corporate environment.

The most simple & secure solution for Intranet access from mobile devices

The promise of enterprise mobility means that employees are more productive and address business issues in a timely, untethered manner.

Mobile Middleware Strategies

Learn why a mobile development platform is critical to be able to support today's complex enterprise mobility strategies. Learn what to look for in a mobile development platform and how apply these tools whether you're developing a dedicated app for one device or multiple apps running across multiple devices.

Native & HTML5 Mobile Apps: Not an either or, but a where and when

Learn how developers are using HTML5 and native development methods to build mobile apps. Get practical insights on how these tools are being used, what's driving their usage, and how to choose the best development approach for your business.

The Evolution of Enterprise Mobile App Development

Driven by explosive growth in smartphone and tablet sales, enterprise mobility has become an essential part of business. Organizations across industries are developing internal- and external-facing mobile applications that drive revenue, build brand loyalty, strengthen communication with partners, and enhance employee productivity. Learn how keeping pace in this market requires an agile, flexible, and iterative approach to application development.

Webcasts »

Set It & Forget It - Apple Devices in the Enterprise

Ben Snyder, Desktop Support Analyst at Under Armour, discusses how this fast-growing company with thousands of mobile employees uses an automated process to manage its mix of PC and Apple devices from a single console.

Take Control and Empower users with BlackBerry Mobile Fusion from RIM

At one time, a smart phone was only on executive tool that increased productivity. But now, more employees than ever before are bringing their own mobile devices and tablets into the workplace. CIOs must satisfy this new class of users but they need the tools to manage the growing number of devices and tablets over a wider variety of mobile operating systems.

Join David Heit, Senior Director of Product Strategy for Research In Motion (RIM) and award-winning technology editor Stan Gibson for a look at the forces that are transforming mobile IT today. In this Webcast you will learn about BlackBerry(R) Mobile Fusion and now you can manage and secure BlackBerry(R), iOS and Android(TM) devices all from one unified interface.

Mobility KnowledgeVault

How "mobile ready" is your infrastructure? This Mobility Knowledge Vault provides a wide variety of expert advice on how to strike a balance between end user ease-of-use and security. Prepare your organization with primers on data encryption and user authentication, device disablement and devising an employee-liable device strategy that makes both IT and users happy.

Successful Mobility: Access and Performance Anywhere

Today's workforce is truly mobile. At the office, from customer sites, even at home or in a hotel - their connectivity and application performance needs remain the same. But even though their requirements don't change, the challenges in meeting their expectations do.

Workday's Mobile Solution for iPad

Stay connected while on the go
As the workforce around the world becomes more mobile, enterprises are enabling their workers to stay informed and connected while on the go. Deploying Workday's cloud-based mobile solutions could not be easier!

Embracing BYOD: Best Practices from the Front Lines

Mobility is reshaping business worldwide. It's also reshaping how IT operates, fueled by the "Bring Your Own Device" trend, a trend that's been in the making since at least 2008. In this webcast, you'll learn how world IT leader SAP has embraced BYOD for lower costs, higher employee satisfaction and better business outcomes.

Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter