We still call them phones, but the hype preceding every big new release from Apple, Samsung and Google is really driven by the hot new data services they enable. Web access, email, instant messaging are all old hat. The killer apps today let you stream music and video, make purchases at the point of sale and scan your location for everything from the nearest taco stand to a hot date.
Meanwhile, as the applications multiply on our smartphones, so do the data networks we’re accessing with them. We can download sale figures from the company network on the same device that we use to update our investment portfolio, check live sports feeds or book flight reservations on the Cloud. Placing calls has almost become an afterthought.
The security features on today’s smart phones primarily focus on protecting the interests of the network operator, not the user, the enterprise or third party service vendors. Thus, mobile device security has typically been closed, proprietary, and available only to the handset vendor, network provider, and a select few services. This will need to change.
Increasingly, smartphones will need an open solution able to protect all the entities using the device, as well as its applications. They will also need security solutions that support interoperability among all of our network-connected devices, including PCs, tablets and phones.
Recently we saw developments at both the Mobile World Congress in Barcelona and the RSA event in the United States around the potential for the Mobile Trusted Module (MTM), the first embedded data security standard and specification designed to handle the security of multiple smart phone stakeholders.
The MTM shares common interfaces and functions with the PC-based Trusted Platform Module security chips that have shipped in more than a half billion devices. Both chips provide the foundation for an open, interoperable security solution across all device types. The MTM is a robust solution for a broad range of current and emerging data applications in mobile devices, including phones.
For the enterprise, the MTM technology will allow central IT staff to remotely activate MTMs on devices scattered across their organisation, effectively turning them into authentication tokens. It will further allow IT management to measure the health of remote devices, ensuring that only known and uncorrupted devices can access sensitive enterprise networks.
It will further improve interoperability across devices and services. The security credentials embedded in your mobile phone will provide single-password access to your employer’s network and Cloud services, or let you complete transactions on your PC or tablet that you started on your phone. Industry standards groups, including the Trusted Computing Group and the Global Platform, have worked on this solution for years.
Sometimes the most important new feature on your smartphone is the one you never notice. By providing a strong, uniform foundation for the security of smartphone data connections, data loss and network breaches are becoming a thing of the past.