Smartphone Security Gaps
Employees are at risk for viruses and other security breaches, so IT staff need to be just as vigilant with company-issued phones accessing the network as they are with computers.
July has been a good month for smartphone security initiatives.
This week, for Google Apps that facilitate enforced use of data encryption, auto wiping after a specified number of failed password attempts, permanent trashing of old passwords, and mandated password changes after a certain time period. A story at EnterpriseMobile Today says the options are available for the iPhone, Nokia Series E and Windows Mobile. They will extend to Android devices later this year, the story says.
On July 7, software with what the company calls the Individual-Liable Devices Policy. The feature, available in BES Version 5.0.2, enables segregation of corporate and personal use of BlackBerries. The new rev also allows remote wiping of corporate data, according to the Computerworld story. The story quotes analyst Jack Gold, who sees the advances as significant but not earth shattering. They appear intended to make it easier to use a BlackBerry as the competition gets tougher.
Many smartphone vendors and corporate decision makers grew up during the days in which the wireline Internet was under constant assault. It still is, but the forces of good have responded. The attitude that the bad guys aren't going to go away is deeply engrained, and everybody-as evidence by the findings this month and by a Goode Intelligence survey in the UK that said 40 percent of companies plan to deploy mobile data encryption-takes smartphone and mobile security quite seriously.
That approach also is evident in the Forbes piece, which profiles John Hering, the chief executive of mobile security firm Lookout:
Mobile security, like Hering, was once focused mostly on research and histrionics. But also like Hering, the field has grown up and is becoming increasingly important in today's world. With the rise of consumer mobile devices -- and people trying to exploit them -- mobile security is likely to be taken increasingly serious by both business people and regular consumers.
The reality is that while challenges do exist and that they can be alarming, the mobile security situation never has gotten nearly as dire as it was in the wireline world a decade ago. That's a good thing, of course. While the mobile world is inherently more secure than the wired version -- there is no wireless "monoculture" for the bad guys to aim at -- a key reason for the positive track record is that the industry has mosly has followed two cliches: "Once bitten, twice shy" and "an once of prevention is worth a pound of cure."