Mobile Security in the Apps Era

Mobile Security in the Apps Era

Summary: Mobile Security in the Apps EraAuthor: Eric Everson, MBA, MSIT-SEToday we are enjoying a flood of new highly anticipated content into the mobile industry. With apps (small mobile software applications designed for a mobile handset) ushering in a new era of mobile communication and interaction, much of the excitement in the mobile industry is underpinned by issues in mobile security.

SHARE:
TOPICS: Mobility
2

Mobile Security in the Apps Era Author: Eric Everson, MBA, MSIT-SE

Today we are enjoying a flood of new highly anticipated content into the mobile industry. With apps (small mobile software applications designed for a mobile handset) ushering in a new era of mobile communication and interaction, much of the excitement in the mobile industry is underpinned by issues in mobile security.

2010 has seemingly opened the floodgates for new apps into the mobile market. With phones like the Apple iPhone and Motorola Droid standing out as class leaders in this new era, apps are quickly becoming part of our culture. The problem is that not all apps are created equal and some apps may open some unexpected doors.

This has already been the case this year as we have seen mobile banking apps released by the most popular app retailers that turned out to be malware. In these instances, the apps looked like the official banking apps, but instead of logging into your bank account, your information was being sent to a sophisticated network of hackers. While the app retailers were quick to banish these particular apps due to negative press, similar threats are unleashed every day.

As an industry we have gone about security in a way that has created significant vulnerabilities for the apps era. As consumers in this industry we treat our handsets as disposable technology and opt against third-party mobile security solutions, despite that 9 out of 10 people agree that they wouldn’t go online with their laptop without at least a firewall or antivirus solution in place. We do not afford this same level of protection to our cell phones, yet increasingly much of the time we spend online is migrating into the mobile environment. Without antivirus/firewall protections in place on your mobile handset, you are just as likely to contract a harmful strain of code on your phone.

This is not intended to sway users against opening their arms to the apps era, because there is a lot of valuable content of high quality being introduced into the market too. Differentiating the good from the bad remains our greatest conflict to date in this rapidly growing app era. The vetting process for new apps must be improved and a quality standard must soon be adopted to pave the way for a safer mobile experience.

Topic: Mobility

MobileTech

About MobileTech

Eric Everson: Founder of MyMobiSafe.com. As a pioneer in mobile security, Eric Everson led MyMobiSafe, LLC from R&D through startup. Today, MyMobiSafe Verified has become the hallmark of quality throughout the app-driven wireless community. Everson is a graduate of the Harvard Business School MIT Program and holds a bachelors degree in Marketing Management and masters degrees in Software Engineering and Business Administration. Everson remains extremely close to the mobile security industry as an innovation leader. As a lw student with an entrepreneurial spirit Everson is driven both academically and professionally by a passion for innovative technologies.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Eric, you’ve touched on a huge challenge here. The issue of app security has been on the radar of mobile and security professionals for a significant time now, yet we’re only just seeing it start to hit the point of general consumer awareness.

    You’re completely right in saying consumers are opting against third-party mobile security solutions. The vast majority of users simply don’t see the need for such software – and why would they when this type of malware is designed to act stealthily. The reality is, that there is often no easy way for users to identify whether apps are potentially malicious or not and unfortunately genuine applications can also be susceptible to leaks.

    In reality however, this kind of on-handset antivirus software or firewalls can’t address the problem of apps harvesting and sending sensitive data to external sites - especially given the constant changes in site location. Responsibility here primarily has to lay with the developers and the app stores. Currently, the level of app store submission vetting is varied at best, with some more rigorous than others. However even the strictest reviewing process can only go so far. For example, with the increasing use of embedded advertising in applications, new risks can be introduced later with advert web click-throughs and automatic call dialling.

    We’re now seeing mobile operators stepping up and increasingly providing network-level defences that enable them to identify threats and block breaches early. This avoids the need for subscribers to update handset applications, which itself can cause a drain on network bandwidth.

    Awareness is also key. In the early days of mass-market PC adoption, users had to be educated on potential security risks. The same is now true for mobile. Only when users are made aware of potential security issues, will they be armed with enough knowledge to avoid putting themselves at risk.
    SimeonConey
  • Hey Eric!

    My friend John works in technology and tells me that the remote wipe app on my smartphone is only as good as the network coverage and the likelihood that the thief/ finder will not know to turn it off when they find my phone and want to access my data... :-/ He tells me I need a good mobile encryption product. I had PGP (?) before on my work laptop and it was a nightmare to use- it took ages to sync and sending a mail was just a pain. Do you know if there is a simpler one on the market? One that works on my laptop too-or is that too many asks ;-)
    fletcherdun