Uncovering the next generation of mobile security

By Isaac Daniel, Founder and CEO of Macate.

  • 6 years ago Posted in
Mobile security is a complex landscape in today’s digital world. With the rise of the Internet of Things (IoT) and its multiple end points to the numerous different handset options on the market, securing mobile devices is a multifaceted challenge. As cyberattacks become more sophisticated, telecoms and Mobile Service Providers (MSPs) are under increasing pressure to protect both customers and their own networks.

Even in the last 18 months, there has been a significant shift in approach towards mobile security. At one time, it could be said that data ‘belonged’ to a device. However, today with the proliferation of cloud technology, data roams free and users can access almost any information from a device that can connect to the cloud. The focus has rightly shifted from managing and protecting devices to securing the data itself – a game changer in mobile security.

Today’s security challenges

There are two main threats to mobile security today – cyberattacks and the IoT.

Mobiles are a key target for hackers as they contain some of the most sensitive data both businesses and consumers have. From text and call history to personal and financial data stored on the various applications and the in-built microphones and cameras. Attacks like the Pegasus mobile botnet are becoming more prolific, and pose a real challenge to MSPs and telecoms who are tasked with mitigating cyberattacks.

However, the biggest threat to mobile security is the IoT. Gartner has predicted we will reach 50 billion connected devices by 2020, and the global net-worth will reach $6.2 trillion. By the end of 2017 alone, consumer devices will total $725 billion in net-worth. While the IoT brings many benefits, not least the ability to connect with anyone anywhere and at any time, through connecting hundreds of thousands of devices via the internet with little in-built regulation or security, we have created a haven for hackers. Last year we saw hackers deploy large-scale attacks such as Distributed Denials of Service (DDoS), taking advantage of the poorly secured networks and end-points that make up the growing IoT.

Uncovering tomorrow’s mobile security

While there are significant security challenges facing MSPs and telecoms, it can’t be denied that mobiles are still far more secure than their desktop counterparts – this hasn’t come about by accident. MSPs and telecoms have been working on safeguarding mobile OSs since the boom in mobile adoption in the 90s.

One of the most popular security protection methods is sandboxing, which mitigates potentially vulnerable applications by limiting the amount of access it has to other areas within the device. ‘Sandboxing’ the application means that any vulnerabilities that are exploited are contained within a small part of the device. This controls the damage that any malware could potentially wreak – although as with anything, there are always cases where this protection isn’t enough to prevent widespread damage to networks and devices.

Tomorrow’s mobile security model will be centred around full end-to-end encryption – for both mobile devices and entire networks. Cyberattacks can come from anywhere, whether that be from a network intrusion via poorly secure Wi-Fi or a malicious application on a device. Ensuring mobiles have scalable encryption that modifies the encryption depending on the Advanced Encryption Standard (AES) of the user’s IP address, as found on the Genio phone, will provide this much-needed end-to-end encryption for mobile devices.

However, encrypting devices alone will not hold the hackers back for long, and only solves half the problem. To create a truly secure mobile ecosystem, telecoms and MSPs must encrypt their entire networks as well as devices. Services like the iOME IP-based telecom solution offer the required end-to-end encryption across whole networks, a positive step in the right direction.

What is needed in the coming months is for the industry as a whole to come together to develop regulations and best practices for how to integrate a holistic encryption approach across the whole ecosystem. At the end of the day, the focus is and should be on protecting data and ensuring that malicious attacks on mobile devices and wider telecom networks can be mitigated.

By Barry O'Donnelll, Chief Operating Officer at TSG.
By Dr. Sven Krasser, Senior Vice President and Chief Scientist, CrowdStrike.
By Nick Heudecker, Senior Director at Cribl.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Damien Brophy, Vice President EMEA at ThoughtSpot.
By Michael Queenan, co-founder and CEO of Nephos Technologies.
By Jim Fulton, Senior Director of SASE and Zero Trust.
By Tawnya Lancaster, Lead Product Marketing Manager, AT&T Cybersecurity.