The heart of the Mobile Security Specification is a mobile terminal module (MTM) that guards data, applications and operating systems. (Everything in this post is predicated on a CSOonline.com report, since the group's Web site doesn't say anything about a launch.) The organization has created similar security infrastructures for PCs, servers and networks.
Of course, we think this is a great idea.
The moment of truth is fast approaching for mobile security. Attacks against devices are increasing gradually, but haven't yet reached the breaking point. If that point is breached, all subsequent efforts will focus on undoing damage.
A look back at the initial waves of spam, viruses and other problems suggests that a lot of headaches would have been averted if the industry had intensely focused on these problems as soon as they emerged. Management and IT need to learn from the past and dedicate themselves to keeping mobile security problems from spiraling out of control. As the saying sort of goes, a bit of prevention is worth a byte of cure.
The TCG's MTM seems like a good step in that effort. The basic idea of an area in a device that can be reinforced certainly makes a lot of sense. We're not engineers, so we can't say how the basic approach will translate from PCs and servers to the more constrained world of mobile devices in which power, memory and storage are in shorter supply.