Mobile and Cloud Computing Face Emerging Threats
Attackers are Adapting to Mobile Ecosystems
Mobile devices can be thought of as sensors that enable new threats, like malicious software, and offer unparalleled glimpses into people’s lives.
Protect the Data
Employee-owned devices make platform-specific security challenging, so focusing on protecting data may be more effective than securing the devices, according to the Georgia Tech report.
Technology Outruns the Law
U.S. courts have not arrived at a consensus on government access to data. The implications of tracking ubiquitous mobile devices are not well understood.
Employee-Owned Devices Change the Security Model
The BYOD trend means insecure network devices and data stored on personal devices. Securing employee-owned devices is difficult, so malware can use smartphones and tablets as launch pads for attacks into corporate networks.
Corporate Data At Risk
Because employees are using their mobile devices for work, corporate data gets stored in these relatively insecure environments, enabling intellectual property to be stolen.
Locking Down or Locking Out Mobile Devices
Because of its alluring productivity gains and cost savings, BYOD is not going away, so companies will have to bar untrusted devices from accessing sections of their networks.
OS Vendors Play Defense
Google has added a permission-based security model, security controls, the ability to revoke applications, and an automated system to vet applications for Google Play. From the start, Apple went further by tightly controlling certain system functions and checking applications for potential malicious behavior.
But Attackers Circumvent Gated Communities Anyway
Last August, Georgia Tech researchers showed that the App Store review process cannot prevent the introduction of malicious apps.
Legal Use of Data More Threatening Than Attacks
Although malware and hacks are significant threats to mobile device users, the Georgia Tech report says the legal use of data collected from smartphones and tablets is a far more pervasive threat.
U.S. Courts Unclear Regarding Warrants
Wireless carriers, manufacturers and application developers can collect user data, but it is not clear whether law enforcement can request this information without a warrant.
Can Cyber Insurance Reduce Risks?
In 2012, the number of companies buying cyber insurance policies increased by a third compared to the previous year, according to Marsh, an insurance broker.
Confusion Over Coverage
It is not always clear, however, what cyber insurance does and does not cover. Experts are working with insurance companies to set industry standards.
