Mobile devices are becoming a new focal point of cybercrime, and current security strategies are proving ineffective. In November, the Financial Times reported (subscription required) that more than 40% of UK businesses had suffered a mobile security breach in the past 12 months, according to BT Group. Contributing factors were growing rates of criminal cyberbehavior, "hacktivism," and state-sponsored aggression focused on smartphones.
Smartphones are becoming prime targets because they contain such a diverse and rich set of information. The "work versus play" distinction is simplistic and outdated. The smartphone is now a hub for professional communication, corporate data access, personal communication, social networking, photography, financial planning, healthcare, gaming, commerce, and even taxpaying. Smartphones could not be a better target.
Forty percent is an unacceptable breach rate. To secure information, protect privacy, and stay productive, we must virtualize our mobile devices. With the ability to create separate mobile OS instances, customize each environment, and move between our digital lives with a swipe of a finger, we can put up a real defense without sacrificing usability.
The new virtualization
Mobile virtualization is now possible because we have evolved beyond Type 1 virtualization, which is ideal for servers but too taxing for mobile devices. We can overcome the resource constraints on smartphones by using OS-based mobile virtualization, which adds only a minimal footprint at the kernel level of the device. The same way Type 1 virtualization can divide one server into multiple virtual machines, mobile OS virtualization can divide one smartphone into multiple virtual smartphones. Since instances run within their own namespace, they are secure and scalable, and they preserve the overall user experience.
Rather than packing every mobile use case into one OS instance -- and leaving corporate data or financial information as vulnerable as family photos -- we can create customizable OS instances for groups of use cases. For instance, you could have a professional OS instance that is encrypted, contains only corporate approved apps, and connects only to secure WiFi networks. A separate personal communication OS instance could handle regular text messaging, calling, and social networking with security measures chosen by the user. A third OS instance could handle financial planning and healthcare.
The key point is that businesses can use mobile virtualization to secure everything that matters -- without impinging upon employee privacy and choice.
Elevated security
Mobile virtualization is particularly important because the most common mobile security approach, containerization, has proven inadequate. Mobile containers are used to encrypt and separate sensitive apps in one area of a device, but the apps still have to communicate with the device's hardware (e.g., the screen or keyboard) to function in the same namespace as other, unprotected apps.
If you or your kid were to download an app with malware that infected the device, the virus could easily intercept these communications and scrape sensitive information that containers are supposed to protect. It's easy to install malicious apps that seem harmless, especially now that attackers are disguising malware within seemingly legitimate apps. As the McAfee Labs Threat Report found in June, 79% of Flappy Birds clones (Angry Birds spinoffs that were pulled from the store after 50 million downloads) contained malware. By the time the company released its August Threat Report, there were more than 4.5 million known mobile malware samples in circulation, and criminals were producing roughly 700,000 new ones per quarter.
If we begin using virtualization to create separate OS instances for games (and finance, social media, etc.), malware on the gaming OS can't intercept communications on the work OS. The malware doesn't even know the other instances or apps exist. Where containerization fails, mobile virtualization can excel.
Ending the clash between privacy and choice
By producing separate OS instances for every use case, mobile virtualization will finally allow businesses to implement security policies without encroaching on employee privacy and choice. Mobile device management (MDM) solutions are extraordinarily effective and vital to security at many organizations, but employees hate the idea of giving their employer the ability to blacklist apps, geo-fence tools, or lock and wipe all the content on their phones.
Mobile virtualization can eliminate this issue by allowing employers to install MDM on corporate OS instances without having any effect on personal OS instances. It will allow us to encrypt, customize, and, if necessary, lock and wipe corporate instances without touching data on the rest of the device.
When 40% of businesses in a country have suffered mobile cyberattacks, we know our current paradigms of security are failing. If we have vulnerabilities in our mobile security policies, they will be exploited sooner or later. Smartphones contain far too much personal and corporate information that is of value to cybercriminals. We need mobile virtualization to achieve security without sacrificing privacy, choice, and overall user experience.
Comments
Network Computing
User Rank: Apprentice
Wed, 12/31/2014 - 11:34
Mobile devices are becoming a new focal point of cybercrime, and current security strategies are proving ineffective.
This is not suprising, today phones are not only for messaging or calling, rather they have e-mails, official mailbox, bank account, credit card details, social networking sites, almost everything is now on smartphones. They prove to be rich and worth for hackers.
Network Computing
User Rank: Apprentice
Wed, 12/31/2014 - 20:21
@virsingh211: Yes, I agree that smartphones are used for practically anything nowadays - even transactions that we used to consider personal and confidentia. Many of us like the fact that smartphones allow us to do all these transactions conveniently no matter where we are or what time it is in the side of the world we are in. In other words, smartphones make life easier for many of us. But, yes, it is also because of all these that mobile devices have become serious targets of hackers. I believe that it is also for these reasons that industry experts and leaders come up with different security measures and technologies for mobile devices. But mobile virtualization is definitely a step ahead of the pack primarily because it really does something to protect data. We'll need to further explain the technology, though, to make people understand how their smartphone data can be isolated and kept safe. It's a fairly new concept, but anything that works will be a welcome respite from all the troubles caused by smartphone hacking.
Network Computing
User Rank: Apprentice
Mon, 01/26/2015 - 09:17
I wonder how we have become so complacent with the data that we store on a smartphone, is it because they are so small or is it because we believe that nobody is going to be able to access the precious personal and financial data stored on the device?
Network Computing
User Rank: Apprentice
Mon, 01/26/2015 - 09:17
I wonder how we have become so complacent with the data that we store on a smartphone, is it because they are so small or is it because we believe that nobody is going to be able to access the precious personal and financial data stored on the device?
Network Computing
User Rank: Apprentice
Tue, 01/27/2015 - 04:28
Network Computing
User Rank: Apprentice
Tue, 01/27/2015 - 22:34
It is a funny concept that we shop, bank and pay for items in some stores using apps etc, and yet we think nothing of the safety and security of the data that we are sharing or exposing to ID theft.
Network Computing
User Rank: Apprentice
Sun, 02/08/2015 - 22:38
"It is a funny concept that we shop, bank and pay for items in some stores using apps etc, and yet we think nothing of the safety and security of the data that we are sharing or exposing to ID theft."
David, where ever you pay, as a customer your involvement is important; It can be using a few clicks or swiping the card.
Network Computing
User Rank: Apprentice
Thu, 01/01/2015 - 18:54
"This is not suprising, today phones are not only for messaging or calling, rather they have e-mails, official mailbox, bank account, credit card details, social networking sites, almost everything is now on smartphones. They prove to be rich and worth for hackers."
Virsingh, the reason is very simple, mobile density is more than any other digital devices. Majority of users are using mobiles, especially smartphones for online transactions.
Network Computing
User Rank: Apprentice
Mon, 01/26/2015 - 09:12
It is amazing how we guard our laptops with such tight security and yet think nothing about downloading third party apps to our smartphones that have almost all of the same data and information on.
Network Computing
User Rank: Apprentice
Thu, 01/29/2015 - 10:00
Not only should we be concerned about cyber hacking, but we also should be concerned about having our security breached when we misplace our phones/phablet. The concept sounds so simple, yet we often overlook it and assume we will never lose our devices or have them stolen.
Network Computing
User Rank: Apprentice
Sun, 02/08/2015 - 22:34
"Not only should we be concerned about cyber hacking, but we also should be concerned about having our security breached when we misplace our phones/phablet. The concept sounds so simple, yet we often overlook it and assume we will never lose our devices or have them stolen."
Angelfuego, that's very true especially in view of BYOD policy. Most of the companies have installed cloud solutions in their devices and hence no data is storing locally. Moreover, it can be easily wipeout the stored credential from local machines by using remote software.