I was interested to read an article in V3 last week suggesting that smartphones and tablets are not primary targets for hackers. This suprised me, as whilst it can be argued that mobile threats may currently not be as dangerous as those facing desktops, the potential for damage going forward is huge! As mobile usage continues to evolve, cyber criminals are increasingly shifting their focus away from traditional PC-based scams towards the mobile world and this trend is only going to get worse. Mobile devices are uniquely linked to money in a way that desktops aren’t. With a mobile phone, users usually have the ability to make ‘one click’ purchases, whereas on a desktop most users are required to enter in their card details.
Mobile security threats may still be in their infancy, but it is only a question of time before these develop. Desktops may have been around for ages, but mobile security is still growing – this doesn’t mean we should neglect it – if anything it should be implemented now – to protect users from the evolving threats of the future. Moreover, as tablet and smartphone penetration continues to grow, and the consumerisation of IT develops, the data stored on mobile devices will become similar to that on a desktop. Mobile devices will provide hackers with a back door into a company’s network –the chances of employees losing a smartphone or tablet are considerably higher than losing a desktop – therefore mobile security, should not, and could not be ignored.
In my opinion, the main challenge hindering the growth of mobile security, is not the fact that the problem is not severe enough, but instead confusion over where the responsibility for protection against such threats lies. Does responsibility sit with the handset manufacturers, the mobile networks, the organisations or the staff themselves? The answer is in fact a combination of all of the above.
Whilst on-device security measures are becoming more common and certainly have a role to play, they alone cannot offer the levels of protection that users, businesses and mobile operators require. In the modern organisations of today all employees need to be quasi-security officers, while mobile network operators must take the lead in mobile data content and connectivity protection - enabling organisations to protect themselves and their employees.