Mobile Computing Presents Security Concerns

Published May 1, 2008

Federal and state policymakers may soon face issues related to new security problems that are arising as the mobile industry evolves.

The industry has shifted from a sector defined by the rollout of new devices to one defined more by the content and services developed for those devices and the experience of device users. This presents new security concerns, according to industry experts who discussed mobile technology at the recent Gartner Wireless and Mobile Summit in Chicago.

“In 2008, we can begin to see the beginning of this new wave,” said Nick Jones, Gartner vice president and a distinguished industry analyst. “Nokia reorganized to create divisions responsible for a range of services under the Ovi banner. Google announced a new mobile handset platform–Android–which seems likely to be a significant platform for content and advertising that could unify the fragmented mobile Linux world. Google may go further and buy spectrum to become a network operator.”

Jones predicts 3GPP Long Term Evolution (LTE) will eventually win the battle for next-generation operator commitments. By 2011, he believes, mobile WiMAX will have less than 3 percent worldwide handset penetration and will handle less than 1 percent of mobile wireless calls.

Mobile Taking Off

As workers increasingly rely on mobile devices to enable them to be as productive in remote locations as in the office, and as companies rely on wireless connections even within mobile settings, enterprises will embrace “portable personality” solutions that will include a user’s application preferences, security profile, and other settings and will provide the same look and feel using an application regardless of the device being used, said Leslie Fiering, Gartner vice president for mobile computing.

Portable personality solutions are mature enough for deployment in situations where trusted PC target systems are readily available, Fiering said.

Security will always be a serious concern for portable personality, Fiering cautioned, although many usable security options are available. Even if the data and applications in the portable personality are fully protected, today there are no completely reliable methods for detecting or defending against keyloggers and screen scrapers hidden in the target system. As a result, all work done on the target system is potentially compromised.

As the cost of memory storage devices continues to decrease, flash drives, iPods, and other handheld devices will be popular methods for workers to carry portable personality solutions, Fiering predicted.

Licensing Issues Loom

Before these options expand beyond limited, very restricted uses, application-licensing issues will have to be addressed, Fiering said. For example, in virtual machine scenarios requiring another licensed copy of the operating system software, the additional OS application can cost more than a portable personality solution, so companies must consider how many resources the target machine has in terms of memory, processing power, and installed operating system.

By 2012, Gartner predicts, more than 70 percent of U.S. enterprises will implement appropriate management and security policies for corporate-owned and non-corporate mobile devices.

Phillip J. Britt ([email protected]) writes from Chicago, Illinois.