Mobile malware is on the rise and poses a serious threat to the security posture of mobile devices, warns IDC in its Mobile Security forecast .
While infected Android applications have had the most press thus far, many users will also open up infected Web sites and unknowingly download malicious code that can take advantage of root-level exploits on the device.
Once a device is rooted, all other security measures that run on top of that are compromised. So enterprises should consider adding additional layers of security for insurance, says IDC.
Virtual private networks aren’t the only way to secure the mobile workforce. There are two technologies that can have the ability to enhance mobile security offerings are GPS and virtualization.
Contextually aware security
An interesting idea is the use of GPS technology to provide contextually aware security. Using this technology, an administrator can set policies via device location so the software can recognize when the device is out of compliance and take action if necessary.
For example, if the device goes outside its approved location (a retail store for instance), the device will recognize that it's outside its approved GPS coordinates and lock.
These types of features will be very interesting to certain vertical markets, such as retail, healthcare, or government.
Virtualisation is another technology that stands to enhance mobile security. Currently, hypervisors can be deployed onto the device directly (at the chip level or above), allowing for partitioning of operating systems.
For instance, on an individual-liable device virtualization would enable the phone to have one OS for business apps and another for personal information.
In addition to providing a secure domain for enterprise applications and management/security software, depending on where in the phone stack the hypervisor sits, virtualization can actually protect the security software itself if the phone’s operating system becomes compromised.
At present, mobile virtualisation solutions are mainly available for Android devices.
The CIO Big Conversation
Consumerisation: How to manage the new era of mobility
Date: Thursday 25th October 2012
Location: The Mandarin Oriental Hotel, London
To register for your place, email firstname.lastname@example.org
The Big Conversation is a business technology leadership forum that brings IT leaders together to listen, share & shape opinions on the key issues the CIO community faces. The evening will include a keynote from a top CIO 100 speaker sharing his experiences on this topic, as well as the opportunity to share your views with fellow CIOs over networking drinks and canapés.