Saturday, May 18, 2013

Top five mobile security concerns


SearchSecurity.com's 2012 enterprise mobile security survey polled 487 IT security professionals and IT managers. The survey found the following top five mobile security concerns:
1. Device loss was the top concern. If an employee leaves a tablet or smartphone in a taxi cab or at a restaurant, for example, sensitive data, such as customer information or corporate intellectual property, can be put at risk. According to Marcus Carey, a security researcher at Boston-based compliance auditing firm Rapid7 Inc., such incidents have been behind many high-profile data breaches.
2. Application security was the second-ranking concern. One problem is mobile apps that request too many privileges, which allows them to access various data sources on the device. According to Domingo Guerra, president and co-founder of San Francisco-based Appthority Inc., many mobile apps -- especially free ones -- are built with ties to advertising networks, which makes contacts, browsing history and geolocation data extremely valuable to application developers. As Guerra put it, "Developers want to monetize, consumers want free apps and then ad networks will pay developers to get all of that juicy data from their users." According to survey respondents, leaked corporate contacts, calendar items and even the location of certain executives could put the company at a competitive disadvantage.
Another concern is malicious or Trojan-infected applications that are designed to look like they perform normally, but secretly upload sensitive data to a remote server.
3. Device data leakage was the third-ranking mobile security issue. Nearly all of the chief concerns identified in the mobile security survey, from data loss and theft to malicious applications and mobile malware, are sources of data leakage. While most corporate access privileges on mobile devices remain limited to calendar items and email, new mobile business applications can tap into a variety of sources, if the enterprise accepts the risks, said mobile security expert Lisa Phifer. Increased corporate data on devices increases the draw of cybercriminals who can target both the device and the back-end systems they tap into with mobile malware, Phifer said. "If you're going to put sensitive business applications on those devices, then you would want to start taking that threat seriously."
4. Malware attacks were the fourth-ranking mobile security concern. A new report from Finland-based antivirus vendor F-Secure Corp. found the vast majority of mobile malware to be SMS Trojans, designed to charge device owners premium text messages. Experts say Android devices face the biggest threat, but other platforms can attract financially motivated cybercriminals if they adopt Near Field Communications and other mobile payment technologies. An F-Secure analysis of more than 5,000 malicious Android files found that 81% of mobile malware can be classified as Trojans, followed by monitoring tools (10.1%) and malicious applications (5.1%).
5. Device theft was fifth on the list of top concerns. Smartphone theft is a common problem for owners of highly coveted smartphones such as the iPhone or high-end Android devices. The danger of corporate data, such as account credentials and access to email, falling into the hands of a tech-savvy thief, makes the issue a major threat to the IT security pros who took the survey.

Friday, February 12, 2010

Gartner Reveals Eight Mobile Technologies to Watch in 2009 and 2010

Future of Wireless Industry to Be Discussed at Gartner Wireless & Mobile Summit, February 23-25, in Chicago
STAMFORD, Conn., January 28, 2009 —

Gartner, Inc. has identified eight mobile technologies that will evolve significantly through 2010, impacting short-term mobile strategies and policies.

“All mobile strategies embed assumptions about technology evolution so it’s important to identify the technologies that will evolve quickly in the life span of each strategy,” said Nick Jones, vice president and distinguished analyst at Gartner. “The eight mobile technologies that we have pinpointed as ones to watch in 2009 and 2010 will have broad effects and, as such, are likely to pose issues to be addressed by short-term strategies and policies.”

Gartner’s eight mobile technologies to watch in 2009 and 2010

Bluetooth 3.0 —The Bluetooth 3.0 specification will be released in 2009 (at which point its feature set will be frozen), with devices starting to arrive around 2010. Bluetooth 3.0 will likely include features such as ultra-low-power mode that will enable new devices, such as peripherals and sensors, and new applications, such as health monitoring. Bluetooth originated as a set of protocols operating over a single wireless bearer technology. Bluetooth 3.0 is intended to support three bearers: "classic" Bluetooth, Wi-Fi and ultrawideband (UWB). It's possible that more bearers will be supported in the future. Wi-Fi is likely to be a more important supplementary bearer than UWB in the short term, because of its broad availability. Wi-Fi will allow high-end phones to rapidly transfer large volumes of data.
Mobile User Interfaces (UIs) — UIs have a major effect on device usability and supportability. They will also be an area of intense competition in 2009 and 2010, with manufacturers using UIs to differentiate their handsets and platforms. New and more-diverse UIs will complicate the development and support of business-to-employee (B2E) and business-to-consumer (B2C) applications. Organizations should expect more user demands for support of specific device models driven by interface preferences. Companies should also expect consumer interfaces to drive new expectations of application behavior and performance. Better interfaces will make the mobile Web more accessible on small devices, and will be a better channel to customers and employees.
Location Sensing — Location awareness makes mobile applications more powerful and useful; in the future, location will be a key component of contextual applications. Location sensing will also enhance systems, such as mobile presence and mobile social networking. The growing maturity of on-campus location sensing using Wi-Fi opens up a range of new applications exploiting the location of equipment or people. Organizations delivering business or consumer applications should explore the potential of location sensing; however, exploiting it may create new privacy and security challenges.
802.11n — 802.11n boosts Wi-Fi data rates to between 100 Mbps and 300 Mbps, and the multiple-input, multiple-output technology used by 802.11n offers the potential for better coverage in some situations. 802.11n is likely to be a long-lived standard that will define Wi-Fi performance for several years. High-speed Wi-Fi is desirable to stream media around the home and office. From an organizational perspective, 802.11n is disruptive; it's complex to configure, and is a "rip and replace" technology that requires new access points, new client wireless interfaces, new backbone networks and a new power over Ethernet standard. However, 802.11n is the first Wi-Fi technology to offer performance on a par with the 100 Mbps Ethernet commonly used for wired connections to office PCs. It is, therefore, an enabler for the all-wireless office, and should be considered by companies equipping new offices or replacing older 802.11a/b/g systems in 2009 and 2010.
Display Technologies — Displays constrain many characteristics of both mobile devices and applications. During 2009 and 2010, several new display technologies will impact the marketplace, including active pixel displays, passive displays and pico projectors. Pico projectors enable new mobile use cases (for example, instant presentations projected on a desktop to display information in a brief, face-to-face sales meeting). Battery life improvements are welcome for any user. Good off-axis viewing enables images and information to be shared more easily. Passive displays in devices, such as e-book readers, offer new ways to distribute and consume documents. Display technology will also become an important differentiator and a user selection criterion.
Mobile Web and Widgets — The mobile Web is emerging as a low-cost way to deliver simple mobile applications to a range of devices. It has some limitations that will not be addressed by 2010 (for example, there will be no universal standards for browser access to handset services, such as the camera or GPS). However, the mobile Web offers a compelling total cost of ownership (TCO) advantage over thick-client applications. Widgets (small mobile Web applets) are supported by many mobile browsers, and provide a way to stream simple feeds to handsets and small screens. Mobile Web applications will be a part of most B2C mobile strategies. Thin-client applications are also emerging as a practical solution to on-campus enterprise applications using Wi-Fi or cellular connections.
Cellular Broadband — Wireless broadband exploded in 2008, driven by the availability of technologies such as high-speed downlink packet access and high-speed uplink packet access, combined with attractive pricing from cellular operators. The performance of high-speed packet access (HSPA) provides a megabit or two of bandwidth in uplink and downlink directions, and often more. In many regions, HSPA provides adequate connectivity to replace Wi-Fi "hot spots," and the availability of mature chipsets enables organizations to purchase laptops with built-in cellular modules that provide superior performance to add-on cards or dongles.
Near Field Communication (NFC) — NFC provides a simple and secure way for handsets to communicate over distances of a centimeter or two. NFC is emerging as a leading standard for applications such as mobile payment, with successful trials conducted in several countries. It also has wider applications, such as "touch to exchange information" (for example, to transfer an image from a handset to a digital photo frame, or for a handset to pick up a virtual discount voucher). Gartner does not expect much of the NFC payment or other activities to become common, even by 2010, in mature markets, such as Western Europe and the U.S. NFC is likely to become important sooner in emerging markets, with some deployments starting by 2010.

Saturday, April 25, 2009

Is quantity quality in the case of Windows Mobile?


For my final project at the University of Ballarat in Australia I have been interviewing several companies who are involved in the development of mobile applications.

One of the things that I noticed was that non of the companies that I have been interviewing go for fully web-based mobile applications.

Another interesting thing was that most of the companies where focussed on supporting the Windows Mobile platform. Second came application development for a Java Virtual Machine (J2ME).

"Why is it that all those companies are so focussed on Microsoft?"

Yes Microsoft owns a big piece of the mobile pie, but is that piece as good as they say it is? Some say Windows Mobile has stability issues and probably will be phased out in the future.