The future of computer and mobile security

[Published on 10 Aug. 2011 / Last Updated on 10 Aug. 2011]

This article will take you through the mobile device management journey and how the holy grail of central device management is quickly being reinvented to ensure that your data, device and resources are safe.

Introduction

Mobile devices have far overtaken the global personal computer estate, with over 5 billion devices concurrently connected and the number still growing. Think of a time when the power of the personal computer is no longer in the machine under your desk or in your laptop bag but in your pocket.

MDM, the term used for mobile device management, is being thrown back and forth in our daily conversations, within social environments and, most importantly, within enterprises. Given the extremely fast pace of technology and the growing need for flexibility within the business environment, the days of businesses being run solely within the business location are over. Business can now be undertaken whenever and wherever you and your mobile devices are, with all the information and applications you require on the go. This newfound flexibility and competitive advantage brings with it the new challenge of securing the mobile devices that many individuals use as they go about their day. Users have more than one device and a mix of various brands and device types. By taking business, in the form of applications and documents, out of the office, we are moving around with mobile devices in a very penetrable environment where our devices, data and resources are openly available to the passing hacker.

It is of paramount importance that we find and utilise a versatile solution to secure our devices. A good solution would be one that embraces mobile device diversity. Securing and managing these devices can be addressed in various ways through several platforms.

At present, the most popular mobile platforms in use and in need of mobile security and management solutions are Apple iOS, Windows Phone 7, RIM BlackBerry, webOS, Nokia Symbian and Android.

How a typical mobile device management solution works

Let’s go back to basics, where it all began. Classic solutions make use of two components: a server and a client. The server component sends out the management commands, and the client component, running on the mobile device, implements the management instructions or policy. The server and client components can come from different vendors; however, for further functionality it is best to have both components sourced from a single vendor.

The management of mobile devices has evolved rapidly and is still evolving at an extraordinary pace. Commands are now sent over the air (OTA), giving central remote management: an administrator can use an administrative console to make adjustments to any individual device or to groups of devices simultaneously. This solved the previously looming scalability issue. Today, central management functionality includes firmware over-the-air updates, diagnostics and troubleshooting, security, backup and restore, remote lock and wipe, network usage and support, server deployment, mobile asset tracking and management, software installation, policy application, logging and reporting, remote control and administration, GPS tracking and much more.

Market responses

The market has quickly responded to mobile threats by implementing tactical solutions from many “mushroom” vendors and some more staple vendors. A mushroom vendor is a term I have coined in the security industry to describe a vendor that has not been in the market long but has spotted an opportunity and built a tactical solution to meet market demands, in the hope of becoming the de facto standard.

These vendors seldom win the race, and more often than not consolidation sets in after market correction, meaning that the big guys (staple vendors) buy up some of the small guys and thus commoditise that security space. The issue with this is that many organisations have invested in the tactical solution, only to rip out what they bought from the mushroom vendor at a later date in order to upgrade to a more versatile and stable platform and move to the security giant.

Another observation is that the majority are only considering basic features, like wipe, lock and encrypt, and there is a lot more to a comprehensive security strategy.

With the emergence of bring your own device and commoditisation, the organisation can now manage corporate data on any device without impact to the user. Issues like malware will become more of a problem in time; this is currently being neglected, and you can bet on an explosion of this type of threat in the near future.

Mobile device management benefits

The benefits and advantages of mobile device management are noted throughout the spectrum. It benefits not only the owner of the device but many other parties as well, including the network operator, the device manufacturer, the business enterprise and the subscriber.

The modern challenge is using a personal device for corporate use whilst being able to protect the corporate data and use from unauthorised access. The user still needs to feel that the device is theirs, and the corporate needs the assurance that the corporate data is secure; thus a mutual capability and security is established through technical controls.

The question is often asked: why should I use my device at work? The answer may be that I only want to use one device, and enabling this convenience is possible with the right solution.

Benefits of MDM

When mobile device management is utilised, the device is simpler to manage for both the corporate and the end user. Devices can be updated and supported remotely, allowing solutions to be carried out more efficiently and thus more quickly. This significantly reduces cost, saving money for the business and simplifying user operation. Collectively, business can now offer corporate-level management of corporate data on personal devices. Few vendors can properly achieve this, as most solutions aim at personal use and not Enterprise Mobility Management. Additionally, the start-ups have not yet been in the market long enough to offer a sustainable solution and are more likely to run out of steam, and are thus a risk to many corporates.

Features MDM platforms should have

When considering the various MDM solutions, one should take into consideration the feature set combined with security and longevity. Most mobile device management solutions should provide the following capabilities.

  1. Central management
  2. Multiple platform support
  3. Corporate appstore
  4. Application whitelist
  5. Application control
  6. Device backup
  7. Device remote control
  8. Device Lock
  9. Device Wipe
  10. Device Encrypt, multi-level, meaning both device and removable media
  11. DLP capability
  12. Anti-malware and Antivirus capability
  13. Location services
  14. Capability to apply software updates and patches through the MDM
  15. Software should always be tracked for licence compliance
  16. Should allow for tracking of hardware and software resources and properties
  17. Should ensure a secure environment by encrypting wireless communications
  18. Wireless provisioning for Wi-Fi
  19. VPN provisioning
  20. Browser control
  21. Data should be continuously backed up and able to be restored in the event of device loss.
  22. Password policy control
  23. Compliance congruency to mirror corporate policy
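
As an added illustration (not part of the original article or any vendor's product), the sketch below ties the server/client model described earlier to a few of the capabilities listed above: the server evaluates each device's check-in report against a baseline and queues commands. The report fields, command names and policy values are assumptions made up for the example.

```python
"""Server-side policy evaluation for device check-in reports (illustrative)."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    # Baseline values are assumptions chosen for this example.
    min_passcode_len: int = 6
    app_whitelist: frozenset = frozenset({"com.example.mail", "com.example.vpn"})

def evaluate(report, policy):
    """Return the commands the server would queue for one device.

    A missing field is treated as non-compliant (fail closed): a client that
    omits 'device_encrypted' is handled like one reporting False.
    """
    if report.get("reported_lost", False):
        # Lost device: protect the data first; remediation commands are moot.
        return [("LOCK", None), ("WIPE", None)]
    cmds = []
    if report.get("passcode_len", 0) < policy.min_passcode_len:
        cmds.append(("SET_PASSCODE_POLICY", policy.min_passcode_len))
    if not report.get("device_encrypted", False):
        cmds.append(("ENCRYPT", "device"))
    if report.get("has_removable_media", True) and not report.get("media_encrypted", False):
        cmds.append(("ENCRYPT", "removable_media"))
    for app in sorted(set(report.get("apps", [])) - policy.app_whitelist):
        cmds.append(("REMOVE_APP", app))
    return cmds

def plan(reports, policy, group=None):
    """Map device id -> queued commands, optionally limited to one group."""
    return {r["id"]: evaluate(r, policy)
            for r in reports if group is None or r.get("group") == group}

# Constructed check-in reports; ids, groups and app names are made up.
REPORTS = [
    {"id": "ios-01", "group": "sales", "passcode_len": 8, "device_encrypted": True,
     "has_removable_media": False, "apps": ["com.example.mail"]},
    {"id": "and-02", "group": "sales", "passcode_len": 4, "device_encrypted": True,
     "has_removable_media": True, "media_encrypted": False,
     "apps": ["com.example.mail", "com.example.game"]},
    {"id": "bb-03", "group": "field", "reported_lost": True},
    {"id": "sym-04", "group": "field", "apps": []},  # sparse report, fails closed
]

if __name__ == "__main__":
    for dev, cmds in plan(REPORTS, Policy()).items():
        print(dev, cmds or "compliant")
```

The sparse report from `sym-04` shows why the evaluator fails closed: a client that reports nothing about encryption or passcode is queued for all three remediation commands rather than being counted as compliant.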

Current MDM trend

Many smaller enterprises are trying to secure a place in the market with their tactical mobile device management solutions; however, larger, more established corporations have their own mature solutions that have been tried and tested. The mobile device management market is inundated at the moment with solutions being brought forth by various start-ups; in time, however, many of the smaller enterprises will most likely be bought out or strangled by the larger, more staple companies, leaving the remaining successors to monopolise the market.

Typical solution overviews

Some vendors offer solutions which address mobile device management as well as security. They are able to cover multiple platforms. Management platforms are packaged as easy-to-install physical and virtual appliances, which can be up and running in a couple of hours. There are two main types of MDM platform: sandbox and full device governance. Each has its own merits, but eventually large vendors will offer both, eliminating the need for the smaller, less adopted technologies.

Summary

The MDM market is changing rapidly and evolving as fast as the device landscape. Be wary of the mushroom companies and stick with the larger corporations to ensure longevity of investment, rather than adopting mushroom technology for the sake of a gimmicky feature set. It’s time for consolidation in this market, so expect this soon.

The Author — Ricky M. Magalhaes

Ricky M Magalhaes is an International Information Security architect, working with a myriad of high profile organizations. Ricky has over 16 years of experience in the security arena covering all ten domains including best practice and compliance. Ricky is a strategist on security and innovating creative ways to achieve compliance and mitigate risk, to many blue chip entities and forms part of the advisory boards to many organisations worldwide.
