In just over three years, 70% of the world will own a smartphone that stores everything about their lives. The total number of connected devices is expected be around 34 billion, including tablets and other devices enabled by the Internet of Things. While increased connectivity has its benefits, the vast network of devices presents hackers with a near-perfect opportunity; mobile security is the need of the hour.
The growing prevalence of a Bring Your Own Device (BYOD) work culture makes enterprises especially tempting targets. Globally, a startling 92% of organisations have expressed concern about the security of their mobile workforce. The threats are increasingly sophisticated: the Miral botnet used DVD players and other connected devices while Pegasus virus could ‘jailbreak’ a phone to access information.
While approaches such as sandboxing – limiting unknown software to a certain area – or more effective encryption, are welcome, mobile security is vulnerable. Even good user habits such as updating security patches or locking a device with biometric authentication can only protect it from direct access or vulnerabilities that the manufacturer notices.
New Methods, Machine Learning to the Rescue
Hackers attack a platform using the same knowledge and methods that IT teams employ to defend it, which gives the attackers the upper hand. To level the playing field, future mobile security software could be combined with hardware to create an isolated ‘safe space’ where data is stored.
This should ideally be platform-agnostic, and will reduce the need for more expensive solutions such as a locked down phone. Such a solution would also allow IT teams to build specific solutions for the hardware-isolated container, limiting the effectiveness of any potential hack.
Another way to limit the damage of any hack is to distribute the target. Cloud servers – which store the data your phone backs up – are centralised. If breached, a total compromise of data would occur. Contrast this with a block-chain, where digital information is distributed in its various links. The chain functions using a ‘consensus’ mechanism, verifying each link periodically. Altering anything would require a huge amount of processing power to override established rules, which could be easily identified and addressed.
In terms of analytics, artificial intelligence that uses machine learning tools could help teams understand user behaviour and other patterns to determine any threats. The system could automatically highlight vulnerabilities which developers can then easily fix, reducing the response time to a threat.
Companies need to undertake regular training and awareness programmes to inculcate basic habits at the employee level, while IT teams should be looking to implement the latest analytics and software. The average security breach costs $3.6 million according to estimates; with such financial incentive, businesses must invest in a more secure future. Mobile security technology and training should be seen as an investment and not a cost or expense and it should feature in all periodical budget plans for best results.
