Questions 1) How many people have at least one smart mobile device that you use for business? 2) How many people have Android? 3) How many iOS devices? 4) How many people have jailbroken devices? 1
1. The Smart Mobile Device Environment 2. Rising Risks and Concerns with Smart Devices 3. Managing Mobile Devices In The Enterprise 4. Other Issues and Concerns 2
3
They are everywhere • At the end of 2011, there were 6 billion mobile subscriptions, worldwide • That is equivalent to 80 percent of the world population • In the US mobile cellular subscriptions 100% of population • In Europe around 120% • Other areas ranging from 74% to over 150% 4
• In terms of geographic distribution smart Mobile devices are everywhere • Developing nations might be currently lagging behind in total numbers and per capita use • However developing nations also among the fastest growing smart mobile user base • Partly because there is very little terrestrial infrastructure for other forms of connectivity like fixed wire line telephone or broadband service • Its cheaper and easier to build a cellular infrastructure than a wired one • And that infrastructure is less likely to be washed out by a flood or damaged by an earthquake 5
When it comes to Internet connectivity, mobile broadband usage eclipses fixed wire-line broadband services • Vastly more people have a mobile broadband connection than a fixed broadband connection • This is true even in the United States, where there are almost double the number of mobile broadband vs. fixed broadband 6
1. Smart mobile devices have had a phenomenal adoption rate • The iPad has the fastest adoption rate of any technology, ever, possibly eclipsing even the wheel, or fire if you believe Apple 2011 numbers are a huge increase from 5.4 billion in 2010 • and 4.7 billion mobile subscriptions in 2009 – up over 50% in some areas Market growth is being driven by demand in the • developing world, led by rapid mobile adoption in China, Africa and India Mobile subscriptions outnumber fixed lines 5:1 (more so in • developing nations); Mobile broadband outnumbers fixed broadband 2:1. • Total smartphone sales in 2011 were almost 500 million • units up over 60 percent from 2010. This makes smartphones about 32 percent of all handsets shipped. 7
Looking at smartphone growth, In terms of the major players in • the market, I don’t think there is a lot of surprise here When it comes to hardware sales, the top five smart • phone vendors worldwide in 2011 were Samsung, Apple, Nokia, RIM, HTC Of those Nokia sales declined 23% and RIM’s sales were • almost stagnant at 5% growth Samsung, Apple, and HTC had a 310%, 96%, and 100% • growth rate respectively Growth by operating system reflects the hardware sales • Android had almost 250% year on year growth 2011 vs • 2010 iOS had almost 100% growth in the same period • Interesting newcomer Bada from Samsung – aimed at • being a low end smartphone OS for not so smart hardware platforms – small market share but huge growth – worth keeping an eye on Nobody else in the market even comes close –Symbian • and Windows phone had negative growth 8
• What are the driving factors for integrating smart mobile devices into the enterprise? • One that is often talked about is cost reduction • That is, off setting the cost of corporate provided or corporate subsidized handsets by allowing employees to to use their own devices • Quite frankly, I have never seen any numbers to support the cost reduction argument, MDM vendors are also backing away from it • Another factor that is often discussed in the media is increased productivity • Again, I have yet to see any numbers supporting this claim • I do believe there is a significant potential value, as new and imaginative ways of leveraging smart mobile devices arrive, • there may be some other arguments to support enterprise mobile device integration • And as we will see, there are some significant concerns that need to be considered 9
Considerations What are the goals for allowing mobile devices into your enterprise? How can you measure how well you achieve these goals? What data will and will not be allowed on mobile devices? Which employees and contractors will be allowed to connect? 10
11
• Based on some recent surveys, there is at least C level recognition of the risks associated with mobile devices in the enterprise • Given this level of concern, and in light of the amount of customer data stored on mobile devices, • it is definitely worth taking a hard look at the risks and potential mitigating factors when considering mobile devices in the enterprise 12
• So what are the security concerns with smart mobile devices? • Well, obviously given that there is customer data stored on half of the devices used for business, physical security of the device is a huge concern • Stored data, including access credentials, is at risk anytime a devices is lost, stolen, an employee leaves the company, the device is recycled, or sold on ebay • How can the enterprise be sure that sensitive data, or network access, does not into the wrong hands? • Encryption of locally stored data is available in iOS since about iOS 4.3, as long as a passcode is configured • iPad2 and iPhone4 and later have hardware based encryption • Android is a different story, no device encryption until 4.0 aka Ice Cream Sandwich, and then it depends on vendor support • Even more troubling however, is the official stance by both Android and Apple that ultimately the security of the device rests with the end user • Obviously a disturbing position for those with responsibility for securing corporate data 13
• Second to the physical security issue, but rapidly gaining ground, is the mobile malware risk • Mobile malware is becoming more and more sophisticated • Mirroring malware in the desktop world, but evolving at a much greater pace • 2011 saw an incredible growth in mobile malware • over 1,500% as compared to 2009, almost 370% over 2010 • Amost a 2,000% increase in December vs January • 2012 is on track to be the year of mobile malware • Mobile malware is borrowing technology from the desktop world • adapting to not only the mobile technology, but the mobile usage patterns • In particular leveraging social networking and social engineering approaches • By far the greatest growth in malware is in Androids • Last week the first Android Bootkit – DKFBootKit – was discovered – raising the ante again • DKFBootKit piggybacks on legitimate applications to infect the device, then replaces key daemons to compromise the device at boot time before the Android framework is fully loaded 14
• Mobile malware exhibits all the same types of behavior we’re used to in other environments • In addition mobile malware can monetize the infection directly by sending SMS messages to premium rate numbers • Further, device features like cameras, microphones, and GPS receivers can all be controlled and accessed remotely • This is a real concern when executives are traveling with devices, bringing them into sensitive meetings etc. • There is some evidence malware authors leveraging this information to gain advantage in stock trades 15
• The Android mobile platform is considered to introduce the greatest security risks from mobile malware • almost 11 million infected Android devices world wide • 472% increase in Android malware July through November last year • China leads the infection rate • India, Russia, and the US roughly equal with a little over 10% of total infections each 16
• Several reasons exist for this, one of the most significant is simply market share • Malware written for Android has the potential to infect many more devices than any other mobile OS • 49% of smart phones run some version of Android • 19% run Apple iOS • 16% run Nokia’s Symbian – However, Nokia is ceasing support for Symbian and moving to Windows Mobile • Symbian malware’s decline mirrors the growth of Android malware, perhaps the malware authors are switching platforms • Only 10% of devices run RIM’s Blackberry OS – RIM is rapidly losing ground to the others • Windows Mobile OS only accounts for 1.4% - and is expected to grow slowly 17
1. However market is not the whole story – to really understand the issue we need to take a closer look at the almost 50% of the market that Android owns 1. While iOS is only available from Apple, and only on Apple devices 2. The Android market is split between Samsung (35%), HTC (24%), LG (11%), Motorola (9%), Sanyo, Sony, and a myriad of smaller players (21%) 3. Each device, and each carrier’s version of that device, has their own slightly different version of Android 4. Each one is tweaked to support different hardware, different software bundles, and other offerings and carrier requirements 5. This presents some significant concerns with respect to platform security, and security of carrier-bundled software 18
Recommend
More recommend