Smartphones and PDAs have grown more capable and connected, but many mobile professionals use these devices without protecting the data they store and send. ISPs can offer mobile security products and services to help subscribers mitigate these risks. In Part 1 of this series, we introduced common mobile device capabilities. In Part 2 of this […]
Smartphones and PDAs have grown more capable and connected, but many
mobile professionals use these devices without protecting the data they
store and send. ISPs can offer mobile security products and services to
help subscribers mitigate these risks.
In Part
1 of this series, we introduced common mobile device capabilities.
In Part
2 of this series, we described security threats, and OS defenses
Here in Part 3, we explore after-market products that can be re-sold
or used as a platform for offering secure mobile networking services.
Today’s Windows Mobile, Symbian, Palm, and BlackBerry-based devices
incorporate a number of built-in security measures, from power-on PINs
and secure web browsers to crypto libraries and privilege levels.
These measures provide basic defenses against threats like misuse of
a lost device, wireless eavesdropping, and system file tampering. But
that still leaves plenty of room for after-market solutions that add required
functionality or enable IT control over otherwise unmanaged mobile devices.
Access controls
Basic device locks can be strengthened by policy enforcement programs
that ensure PINs or passwords meet minimum security standards for length,
complexity, uniqueness, and freshness. Some of these programs can also
disable or hard-reset a mobile device during a password-guessing attack,
or let users safely recover a forgotten PIN without requiring a return
trip to the office or a help desk call.
For example, TealLock (see above) defines Quick, Full, and Emergency
passwords. Users get just one try at entering their short password. If
they fail, the longer full password is required. If a user forgets his
full password, the emergency password can be used to unlock the device.
Alternatively, PINs or passwords can be replaced with authentication
methods that make mobile devices easier to use legitimately and/or harder
for a thief to compromise. For example, VoiceSecureIt lets a user unlock
her Palm PDA or smartphone by speaking a defined “voiceprint phrase” instead
of typing a PIN. One of several alternatives implemented by SafeGuard
PDA is X.509 certificate logon using an MMC card (i.e., logon fails if
the PDA is stolen without the user’s MMC card).
Compared to laptops, PDAs and smartphones are used more frequently for
shorter tasks, requiring these mobile devices to be instantaneously available.
Access controls that get in the way tend to get disabled; this is why
most OS-supplied PINs go unused.
To balance usability and security, some mobile security programs let
you control access more selectively—for example, requiring a user
password to read e-mail, an administrator password to install software,
but no password at all to answer phone calls. Instead of locking the device
itself, these access controls may actually unlock encrypted data associated
with the application (e.g., phone book, mailbox, registry).
This article was first published on ISPPlanet.com.
Ethics and Artificial Intelligence: Driving Greater Equality
FEATURE | By James Maguire,
December 16, 2020
AI vs. Machine Learning vs. Deep Learning
FEATURE | By Cynthia Harvey,
December 11, 2020
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2021
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
