
Mobile Security - Is SW Enough?

The article discusses security problems of mobile devices. (The article is in English.)

Security on mobile devices (notebooks, smart phones, PDAs, specialty devices) continues to be a major challenge as companies struggle with increased levels of attacks and as mobile devices become the preferred platform for enterprise users. We expect notebooks to represent >50% of enterprise PC deployments within 2-3 years, and >85% of enterprise users will have a smart phone device within the same timeframe. It is clear, then, that mobile security must be at the forefront of most enterprises’ security planning.

Most companies currently focus on protecting PC machines by providing anti-virus (AV) and firewall capabilities (and MSFT is adding those capabilities into its platforms, though not for free in the case of AV). Few companies currently provide AV and firewalls on smart devices, but we expect this market to grow dramatically in the next 1-2 years as new threats emerge and awareness grows. But with increasingly sophisticated attacks, and with more complex machines and OSes emerging, can a machine be fully protected through AV and firewall SW alone without killing its performance? The move to multicore chips and virtual machines will help, as security can run effectively in parallel with user apps instead of competing for resources, but this is not a panacea. And current security subsystems (e.g., TPM chips) only tackle part of the problem. It may be time to consider an alternative, dedicated HW solution to tackle increasing threat levels.

We expect the effort to protect various devices to move from the purely SW-directed approach prevalent today to one using more sophisticated and harder-to-break technology that includes external HW devices. These devices can be assigned to a user and can easily be managed from a corporate location (via connection over broadband networks to a management server), and can easily be moved to other devices, or even to the front end of a small network (e.g., in front of a wireless hub in a home network) to protect multiple machines. While these devices currently are stand-alone external devices (e.g., a start-up, Yoggie Systems, created a credit card sized external security appliance, consisting of firewall, data scanner, AV, etc.), there is no reason these HW devices can’t ultimately be integrated into machines, as other technologies have been (e.g., network cards, wireless).

While not the perfect solution, the personal HW security appliance does provide some real benefits that, if conveniently provided at a low enough cost, could raise the level of security of computers. First, it could bypass the need to keep the OS patched to stay ahead of the hackers – a near impossible task. Next, it would provide the ability to enhance a firewall with incoming and outgoing data traffic monitoring to allow easier detection of problems (e.g., remote controlled bots on a machine). Third, it would allow policies to be set by an enterprise or trusted source (e.g., access to corporate assets only from a specific network and/or specific machine). Finally, it could more easily track virus-like behavior by examining specific packets of information using a heuristics model (although a local AV product on the machine will still be useful). These devices would need to be upgraded periodically with new algorithms via a subscription service – much like AV is currently.

Bottom Line: While Yoggie’s system is one of the first to come to market at an attractive price, we expect to see a variety of devices become available in the market in the next 2 years, at price points well below $100. However, in order to be successful, these devices must be extremely simple to deploy (e.g., minimal end user setup requiring no specific technical skills). They must also prove they are not vulnerable to attack by hackers. Finally, they must not significantly impact the performance of the machines and/or networks they are meant to protect. Ultimately (3-4 years), we expect this capability to be embedded in each machine rather than continue as external devices users must carry (and misplace/lose).

The author of this article is:

Jack Gold

jack.gold@jgoldassociates.com
