While mobile security has been a focus of concern for some time, 2012 is likely to be the year these issues start coming to a head.
This is according to Charl van der Walt, Co-Founder and Managing Director of SensePost. He says SensePost is spending a growing proportion of its energies addressing mobile security issues now.
“This is not so much because mobile is inherently less secure,” he says, “but rather because of the massive uptake of mobile and the unprecedented degree of connectivity involved.”With the number of mobile devices such as tablets and cellphones set to outstrip the number of PCs and laptops in use soon, and with some forecasts expecting more people in sub-Saharan Africa to have mobile access than electricity by 2015, it is clear that mobile computing is big. “It's not just big,” says Van der Walt. “It's game-changingly big in terms of scope and volume.”
While the security threats against mobile computing may not be very different from those traditionally faced in the world of computing, the scope of mobile poses some “interesting new challenges”, says Van der Walt.
“You have to look at the threat model from the points of view of conventional IT security, privacy, control and management.
“But the challenges come in when you consider the degree of connectivity – you have WiFi, 3G, GPS, Bluetooth and NFC. People are connecting, transacting and communicating from a single, trackable device. In a sense, people are indistinguishable from their mobile devices – they know where you are, where you have been, who you communicate with and what you say. We have reasonably little control over this platform, leading to new debates on privacy and control. How this pans out remains to be seen.”
In addition, he says, unlike in a server environment, in the mobile world, who takes responsibility for upgrades and patches on the operating system is ill-defined.
“We don't think there will be significantly new types of vulnerabilities entering the mobile space, but there will be lots of vulnerabilities. And in light of the scale of mobility and the lack of central management, we are looking at what promises to be a very interesting security challenge,” says Van der Walt.
Van der Walt will discuss mobile computing and security challenges at the annual ITWeb Security Summit, to be held from 15 to 17 May 2012, at the Sandton Convention Centre.
For more information and to book your seat, go to www.securitysummit.co.za.
Our comments policy does not allow anonymous postings. Read the policy here