In less than a decade, the global mobile Internet has emerged as a phenomenon that directly impacts the lives of 1 out of every 8 persons living on the planet. As businesses of all types scramble to prepare for the unstoppable wave of mobile commerce unleashed by this socio-economic revolution, the need for strengthening mobile security has never been greater.
The mobile device market reached a critical inflection point at the start of 2011: For the first time more than half the world’s global Internet users – roughly 1 billion people – accessed the Internet from a mobile device. What’s more, those devices increasingly consist of smart phones, which according to analyst firm International Data Corporation, overtook PC shipments in 2010 for the first time. This shift is even more dramatic when considering that it doesn’t include the estimated 20 million-plus tablets shipped in 2010, a figure projected to hit 55 million units in 2011.
While 53% of mobile handset users in a recent survey identified mobile security as a primary concern, few have taken any action to protect themselves, including the most rudimentary of precautions such as password-protecting their devices to safeguard personal information in the event their phones are lost or stolen. What’s more, these devices are increasingly being used for data access and transactions that pose the greatest potential for risk or loss. These include accessing business and personal applications that were once housed in more secure PC and corporate computer environments, including corporate messaging, e-mail and Intranet access; conducting personal finance and banking activities; and using mobile devices to take advantage of the growing number of new retail mobile payment applications and services.
Protecting user privacy and the security of applications and data from those looking for illicit profits or with malicious intent will be key to establishing and maintaining consumer trust in the mobile platform for protection of privacy and data and even more so as a safe means for conducting commercial transactions.
Not surprisingly, few mobile users have even been aware of potential threats to their mobile environment. The first mobile virus was detected in 2004 because until then mobile operators provided service in a “walled garden” limiting the user’s ability to download anything other than their own proprietary or “approved” external content. This meant that most users had little to no exposure to malware, including viruses and worms.
However, as countless millions now rely on their mobile devices for Internet access and are downloading from literally hundreds of thousands of available mobile applications – 11 billion downloads in 2010 surpassing $5 billion in revenue – it’s no surprise that hackers and others looking to exploit security flaws or weaknesses have started to turn their attention to mobile platforms and are migrating with the mass of end users from PCs to smart phones and mobile devices. In fact, across the various mobile platforms there have been nearly 600 known mobile viruses, worms and Trojans identified on the loose today. Mobile threats also include various “phishing” ploys more common to the PC environment specifically dealing with premium-based subscription calling Trojans, which hijack users’ phones and rack up exorbitant charges to international premium services.
How can we keep mobile devices safe and ensure a secure and robust ecosystem that supports future needs? The answer lies in the cloud. Today, the cloud delivers both applications and computing resources in on-demand, pay-as-you-go scenarios never before possible, but now being enabled by cloud centers around the world utilizing the most advanced storage and processing capabilities.
Cloud computing is playing an increasing role in the mobile device ecosystem, especially among smart phones, which require more complex computing capabilities that take advantage of remote or cloud delivered services to provide powerful processing and robust storage capability while not taxing the limited capabilities of a mobile device. In addition, it is becoming increasingly common for people to carry multiple mobile devices, and the data/service migration between devices will rely on platform independent cloud solutions. The open cloud platform approach benefits the whole mobile ecosystem by enabling improved information sharing and facilitating cooperation and related benefits among all participants.
A cloud-client mobile computing platform represents the future for delivering trusted and intelligent mobile security services. This platform approach takes advantage of the inherent benefits of cloud computing in distributing the traditional functionality of a robust security capability – monitoring, detection, inoculation, removal and database archiving – in the most efficient and productive manner based upon where data and transactions reside and occur. It enables faster and timelier protection to users while minimizing handset requirements so that even low-end mobile devices can benefit from the security of a highly complex virus-scanning service.
One of the primary benefits of the open architecture cloud-client approach is that it makes available an open applications programming interface to operators, download sites and other third-parties to share the malware database in the cloud. This avoids the costly and time-consuming pitfalls of managing the permutations of multiple platform and device interfaces on multiple host systems.
The end result is a much healthier mobile ecosystem for all participants and a long-term boost to mobile commerce.