Data breaches have certainly dominated the headlines during the past few months. The dust hadn’t settled around Stuxnet when the Sony and RSA incidents occurred.
We have also seen less complex mobile phone “hacking” that has closed a national newspaper and dominated a government’s agenda.
Now, recent reports have shown an increase on smartphone attacks with increased app, Android and iPhone incidents as hackers attempt to ascertain the treasure trove of personal information users are now keeping on their mobile phones. Is this the next fraud frontier?
Although there may be some similarities between smart phone security and server security in the enterprise, the problem could actually be much larger, maybe even ten-fold in the mobile world.
There are many factors that cause this including unknown developers offering apps and the unique security challenges that make it difficult to build trust on a mobile phone.
Just as the enterprise has worked to provide increased server security, the mobile industry will need to do the same now that the data available on a smartphone can be just as valuable as that on a server.
Everyone from phone providers to app stores should look at how enterprises have increasingly adopted hardware platforms such as hardware security modules (HSMs) as best practice for secure encryption and cryptographic key protection, and reflect on how the explosion of mobile devices will drive similar security requirements in an accelerated fashion in this highly mobile world.