March 23, 2006
 

SUBSCRIBE
ABOUT US
CONTACT US
ADVERTISE
MEDIA KIT
'06 EDIT CALENDAR
REQUIREMENTS
SUBMISSIONS


EVENTS
CUSTOM PUBLISHING
MOBILE KNOWLEDGE
PRODUCT REVIEWS
CORP PROFILES
ROI CASE STUDIES
ME OUTLOOK
ADVISORY TEAM








Posted: 10.04

Where Is the Real Inflection Point for Mobile Security?

In the last three months alone, two people I know have had their laptops stolen. One is the CEO of a small company who carried most of his company’s business on his laptop. The other is a partner at Ernst & Young who had a fairly large amount of competitive information on his. Neither of these men can be accused of being technologically un-savvy, and yet, beyond having some basic measure of protection for preventing unauthorized access to the corporate network, the laptops themselves were not secure. This is a typical scenario for most mobile pros—and you know who you are.
Email this article
Print this article

By Tony Rizzo




Most professional people I know travel with laptops and mobile phones (I’ve never met a PDA that eliminates my need for a laptop). But how many of us actually worry about encrypting the data that sits on a laptop or have actually enabled our laptops with foolproof login capability? The truth is that most of us carry completely unprotected laptops around and never give it much thought. (Or rather, the thinking is, “It’s not my laptop that will be stolen or lost.)

Why then all the fuss over PDA and mobile phone security? What percentage of mobile pros really carry critical strategic information around with them on such devices, and is this the most likely area of mobile vulnerability? Some of the mobile middleware players are now beginning to provide device-level security for such hardware, such as remote PDA data wipe, encryption of data on the device itself and more esoteric capabilities such as preventing an unauthorized user from running a debugger on a device to hack passwords or other data. All well and good. But is this enhanced PDA security more a differentiator offered to meet the misplaced concerns of the enterprise CIO than an actual necessity?

Some of us believe that current data encryption standards and compression—whether provided as part of a mobile application through a middleware player or through a mobile VPN—provide more than enough security to meet the needs of most wireless/mobile communications for most users. But it isn’t the actual transmission of mobile information that is the major security issue.

Assuming a PDA or a mobile communication channel isn’t the real enterprise mobile security threat, where is it to be found? Recent mobile research I’ve been conducting at The 451 Group strongly indicates that the true mobile-equipped laptop or tablet PC (whether through Wi-Fi, emerging EV-DO or UMTS, CDMA, GPRS or likely a combination of these) will begin to replace most desktops in the enterprise sooner than later—making every enterprise user a mobile employee. It is that full-fledged Windows-based (or perhaps soon Linux-based) machine that enterprises need to secure from a mobile perspective. Think about it, because not nearly enough of you are.

—Tony Rizzo is head of the Mobile Technology Sector at The 451 Group, an analysis firm covering the business of emerging information technologies.
WHITE PAPERS
NEW!
Click here to download






Home |  Current Issue |  Mobile Professional |  Mobile Campus |  Mobile Sales |  Mobile Service |  Q + A |  Newsletter