Security in the Post-PC era: smartphones and tablets require more security

It wasn’t too long ago that the “smart” mobile space was comprised entirely of Nokia devices running Symbian, Sigelman observed. He said his job, the job of AVG Mobile, and that of the rest of the security industry will be to anticipate how these mobile devices will be used in the future.

“Computing in general is moving toward mobile...post-PC devices, more accurately. These days, many devices are not PCs, but they are not necessarily mobile”, making reference to the vast array of IP-enabled devices.
“We do not have a crystal ball, but we need to do our best to understand the threats, how people will use their mobile devices, and what needs they have”, he said. “If you combine these three together, you start to get a good picture of where mobility is going.”

Based on some of the assumptions made using this framework, Sigelman sees mobile devices of the future as – rather than standalone devices – part of a group of devices. He says to think about the toaster or refrigerator in your kitchen and how they will soon (if not already) communicate with devices like your smartphone. They can be grouped by either personal or enterprise use, and they will comprise an entire mobile ecosystem.

“We are talking about clusters”, he added. “The kind of interactions they have in the future” will be a primary concern of the security industry.

One of the things that complicate the mobile security landscape is the handful of major operating systems that make it up – each requiring a separate approach to personal and enterprise security, Sigelman noted. Regardless of operating system, however, the most vulnerable aspect of these devices are the software they run, with each operating system bringing to the table both positives and negatives.

“All of IT, not only mobile, is going toward the crowd and open source”, he said referring to the Apple vs. Google battle currently taking place in the mobile marketplace. “It has taken a strong turn into mobile...and now we have a war of different approaches – centralized versus open.”

Sigelman was not afraid to predict that the war would likely be won by open-source operating systems, but admits there are problems with open-source mobile app code. “It’s open source, so the code can be much better because a lot of people can work on it and improve it. The good guys can see it”, but he was quick to add that, “but the bad guys can see it as well”.

“If you address this simple fact in the correct way, you can manage it in the right way, and over the long term it will be a better system”, Sigelman asserted.

Sigelman and AVG Mobile have been working on mobile security solutions for more than three years, before the first-generation Android platform was released. In those three years, however, little has changed regarding user’s attitudes toward the need for mobile device security.

What’s disturbing to Siegelman is the relative lack of awareness among mobile device users that the products they hold in their hands are nothing more than pint-sized PCs. People understand that their data is transmitted by online apps when using a PC, he lamented, but most are unaware that smart device apps transmit large amounts of the user’s data – oftentimes even financial data.

Siegelman, whose own company provides both free and paid security apps for Android devices, says that most people treat their mobile device differently, and fail to secure it properly. What’s more, many personal smart devices contain far more private information than a PC – including banking details, locations, contacts information, and so on. “These devices are much more personal”, he said incredulously. “Yet most people don’t perceive them as something that actually needs more security”.

He also agrees with many analyses regarding the anticipated onslaught of mobile malware, saying it’s all about market share, and the Android mobile operating system is gobbling it up at a breathtaking pace. “It’s not about the technology, and it’s not about the OS”, he added. “We see bad guys moving from the PC to mobile because the market is becoming bigger, more mature.”

What’s hot on Infosecurity Magazine?