First off, a big thanks to Charlotte and Kevin from SMobile for this exclusive. Today I had the opportunity to speak in conference call with Kevin Thomas, Vice President of Business Development of SMobile Systems, and the security concerns of the Apple iPad coming aboard to the Mobile World. There’s a lot of excitement, a lot of anticipation of the great things Apple has in store, but what about the risks?
In speaking with Kevin, he discussed Apple and how there are big things to be expected because everything that Apple touches is with a Midas touch. Apple has revolutionized the wireless market and has caused a stir by moving other wireless technology to try and match and keep up. Apple in essence, is a product innovator. The new iPad is a 3G device, has the ability to access the WiFi connections. It is very much like the iPhone. It can connect to various networks, but the WiFi networks are open and unsecured connections.
WiFi is an open network, and carries the threat of the “Man in the Middle”. In other words, there’s a possibility of your information being intercepted. And WiFi is everywhere. It’s available everywhere from hotels and airlines like American Airlines, to certain places like McDonalds and even coffee shops. The Man in the Middle is a a reader that skims information as it’s intercepted. There’s no mechanism with the iPad to detect such a threat. SMobile has the software with a solution.
Apple uses Baseline technology, basic encryption is it. With companies excited such as Apple for their new products, they have the focus of the wow factor and revenue, but security tends to be lost in the whole factor. The underlying OS of Apples and even Android systems are an underlying UNIX type OS. The iPad appears to be a larger yet similar type of iPhone alteration. Apple is against restrictions, as the Android system is. They are about downloading all the apps you want when you want, with unrestricted use, and therefore not limiting functionality. And yet as you’ve read about the security issues of the iPhone beginning with Shoes and continuing especially on jailbroken iPhones. Apple has yet to provide security vendors the appropriate operating system permissions to function on non-jailbroken devices.
SMobile detects not only viruses and threats such as that, but Spyware and Adware that are potential threats. All app stores in the Eula state that they are not responsible for viruses or malware from the store. So example a banking app comes out and several users download it because it’s free, and so they put their information in. But guess what? It wasn’t an approved app from the banking institution, but a cleverly designed app by a very clever hacker and now your information is compromised. It’s scary because it’s happened. SMobile has the ability to detect these apps and delete them.
Now there is a Trend-Micro app available in the Apple Store for the iPhone, but it’s actually a browser that warns you of a site being a potentially threatening site. But it doesn’t stop you and you have to literally give up Apple’s revolutionary browser to use it. Most users don’t want to do that because the browser of Apple is part of the iPhone experience. Now this app or browser is collecting data, so perhaps Trend-Micro has something else in the wings, but who knows. There are so-called “security” apps in the Apple store, but they are not true security apps.
SMobile has the SMobile Shield products for the following OS platforms: Android, Windows Mobile, Symbian, Palm, and BlackBerry. They actually have the ONLY patented Security Shield available for BlackBerry and the Android. Now since the discovery of Google’s Android OS vulnerabilities that have become well-known , there have been other “security” apps available, but not one has come close to SMobile Systems either in name or as long as they have been doing what they do. SMobile Systems was founded in 2002. They have experience in security and specialists who know what to look for. For instance, Daniel Hoffman, the Executive Vice Pres. and Chief Technology Officer. Dan is one of the world’s leading mobile security experts. He himself has had over 15 years direct experience securing mobile technologies. Dan is the author of two books. His book “Blackjacking: Security Threats to BlackBerry Devices, PDAs, and Cell Phones in the Enterprise” (Wiley 2007) is the most comprehensive guide available for securing mobile device-related threats. Dan is a Certified Information Systems Security Professional (CISSP), a Certified Ethical Hacker (CEH) and a Certified Hacking Forensic Investigator (CHFI). Professionals like Dan with years of experience make up an organization dedicated to securing your mobile device and stay one step ahead.
So now I’m going to go into the mobile side of the conversation that leads to BlackBerry. RIM still has a focus on enterprise with 55% of the the smartphone ration being enterprise. They have 44% still in the consumer market. To make things simple and clear: BES is actually the only side of BlackBerry use that is secured. The policy driven BES restricts functionality but also protects the information on the device. BIS on the other hand has point-encrypted email. Functionality is not limited and therefore it’s open to malware, spyware, and such. To check out what I’m referring to, go see the SMobile Systems Global Threat Center. Your BlackBerry under BIS is not secure, and is open to vulnerability each and every time that you download an app.
For some businesses who cannot afford the high costs of a BES server, or for those who want to secure their phones have another option. Especially if you have a cross platform of devices. This is happening more frequently. Whether it’s a small or large business, you might have a few employees with a BlackBerry, but then some that have a Google Android device, or a Palm device. So only the BlackBerry can be on a BES. But SMobile also offers the enterprise version which is like BES but supports all those platforms. You can log in, activate a firewall, activate the antivirus, set how often it updates, track the phone, do a remote wipe if it’s lost, lock it up, and back up and restore. All from a pc with a dashboard you control. The price of protecting your smartphone whether it be personal or enterprise is by far cheaper than finding you’ve installed a remote dialer trojan that will send your phone bill skyrocketing, or an app that a clever hacker has designed and cleaned your bank account.
I asked Kevin what recommendations he had for Mobile Security Tips.
- When not using your Bluetooth, turn it off. (Blue-jacking is possible).
- When using WiFi- make sure it’s recreational only, do not attempt financial transactions on it.
- Use a trusted security app for your phone. Make sure the app you’re downloading is one that one that has reviews and is by a name you can trust.
You’re going to see more about mobile security because when you think about it, our smart phones are really miniature laptops with voice. They have the capability to do many things and leave us at risk. And while WiFi is a great thing, be careful what you’re putting out there. I’m going to be covering more about security because we need to be aware. It’s not true that what we don’t know won’t hurt us, and ignorance is not bliss. We need to be aware that every day there are hackers who are coming out with greater ways to retrieve information, and there are specialists out there who are trained “hackers”, ready for them to try.
SMobile Systems not only do Anti-virus, they also have solutions for Identity Theft, Anti-Theft, and monitoring your child. A special thanks goes out to Kevin and Charlotte who took the time to go over this information and allowed me to ask questions so I could present it to you.
If you have any questions or concerns, please leave a comment and let me know what they are.