Today, information security is no doubt, one of the major discerning factors that have plagued the Web. With constant evolution, the term information security now is not just limited to securing data stored on desktops, laptops or servers. The increasing trend of Smartphones has diverted major chunk of IT user to itself. And, it has all the reasons for it!
And this has led to Smartphones now playing a much larger role in the distribution of malware. In this day and age, protecting and blocking information theft has become the number one priority not only for enterprises but for users as well. The rise in Smartphones was inevitable and with technology progressing at such pace, it is not a surprise to see them replacing their desktop counterparts in the coming years. Moreover, Smartphones have also now made their way for larger known devices such as the Tablet PC. When combined, these two devices are like a powerhouse filled with options of running and executing your daily tasks - something that laptops are also designed to do but with the added weight and bulk. Who would like to carry a digital device, which is more than three times heavier and more than seven times bulkier than a Smartphone?
Years back, when PCs were introduced in the market, a PC for every household was predicted. However, with the rapid pace in the progress of technology, Smartphones has subsided the demand of both, Desktop PCs and Laptops. Today, every big brand such as Samsung, HTC, and Nokia or a lesser known brand has wide range of options for mobile devices, with variety of price levels.
Mobile devices are now reshaping the communication process across the network. Almost 30% of adults in India gather news using a mobile device, while the recent Olympic event attracted more than 40% of mobile users. Mobile apps are successfully generating 100% revenue per year. On the tablet front, 80% of iPad users use tablet devices for browsing the web. Studies say that more than 600-million users use mobile platform to log into Facebook.
Today, Smartphones and Tablets are also giving rise to Cloud-based storages that basically allow users to store data as well as personal information virtually. Till date, the use of Cloud-based services has attracted a limited number of users. However, in the recent years changes are predicted in this regards as the number of service providers are gradually increasing. We have seen Googles Cloud Drive, SugarSync, Dropbox, iCloud, Box, Carbonite and Mozy cater to the needs of Smartphone users. The freedom that phones provide - Smartphones in this case - are nothing like what they were 5 years back. They give you direct access and control over emails, files, photographs, document editors, etc. More so, they even allow users to connect remotely to their laptops or desktops, which can either, be at home or office.
With so many benefits offered by Smartphone & Tablet segment, there is no doubt that targeted attacks and theft of personal information is only going grow in this segment. Also, Desktops and Laptops cannot be written off completely. Hence, predictions about there will be instances where malware will be programmed to run and execute on both PCs and Smartphones/Tablets. This trend has been observed in the past, and will set new standards in the malware industry. The Android Operating System attracts over 75% of most Smartphones which also makes it the most sought after target by malware writers. As recent as two months, there have been close to 200,000 suspicious programs posted in various app stores. Google Play itself has been home to embedded malware. Instances where rogue apps pose as legitimate applications have been growing by the numbers and users fail to make the difference between a legitimate app and malicious app. In the last three months, there have been records of over 35,000 rogue applications that are made to gather information on the user.
With that being said, Smartphone users need to understand the importance of giving access rights to an application when requested. More than 95% of most Android users overlook the need to check the type of permission an app asks for before installation. Also, use of an Anti-Virus is also limited to just 15% of most Android users. This means more than 80% of users are yet unaware of the dangers a Smartphone is likely to bring.
On the positive side, users who stick to Googles very own app store are less likely to get infected by malware, as the company is quick in taking down malicious applications, such as the ones that take more information than required. However, they do run the risk of leaking sensitive data as a number of apps are made to send back user related information, mainly used for marketing purposes. The biggest problem at hand is the use of third-party or independent app stores. With China leading the charts, there are many who use this as a gateway to download apps that are otherwise payable on Google Play.
There has also been evidence of the growth of Chinese hackers who are more focussed on various India military agencies and the Tibetan human-rights group. The apps, currently under development can be made to siphon off information and install additional components on the phone. A number of targeted attacks are currently focused on various governments and companies, while 20% are targeted towards non-governmental and non-business organizations.
With more and more people switching over to Smartphones, there will be a definite increase in the use of cloud services - be it for enterprises or end users. Again, customer education plays a very important role. According to statistics, it is seen that small and medium businesses are simply putting their data in the hands of third parties without taking note of the security being implemented. Over 75% of organizations are making use of at least one of the many cloud based service but a mere 30% ensure that the data held by external providers are being encrypted.
Therefore, it makes it essential for private cloud providers to do a minimum of three things:
- Be clear about their prospects and their approach to security. State what options are available to adopt, without compromising security in the process.
- Communicate in standardized language and classify the various security risks and solutions, thus allowing companies to compare different providers easily when making purchasing decisions.
- Educate end-users on what they need to look for technically & commercially to ensure data security when migrating to a cloud-based solution.