Lock up your smartphones

Global economic meltdown or not, smartphones are expected to be a key sales driver for handsets in 2009. But as more handsets get smarter, they also become more vulnerable to security issues.

One of the downsides of ubiquitous smartphones that offer a better mobile Internet experience is that they create a more viable playground for malware hackers who prefer a wider field of potential targets to exploit. The move from closed environments towards open-source OSs - which is otherwise generally a good thing - will also make handsets a more attractive target.
The other issue is that smartphones are more and more capable of hosting content worth stealing. Mobile devices are becoming massive repositories of personal information, from phone numbers and SMSs to pictures and videos and whatever else you can fit on a 2-GB flash memory card. If you don't think that's a big deal, ask the man in the US state of Arkansas who lost his cellphone in a McDonald's last month. He got it back, only to find later that nude pictures his wife had sent to his handset had been downloaded from the phone and posted online.

Here's a better example. In early December, a TV news reporter in Virginia went to a campaign fire sale, in which McCain/Palin campaign staffers were selling off stuff used during the election. Among the items: BlackBerry phones at $20 a pop. The reporter bought one, only to find that it was still loaded with hundreds of confidential campaign-related emails and the private phone numbers of campaign leaders, politicians, lobbyists and journalists.

Little wonder that President-elect Barack Obama is being asked to give up his BlackBerry.
The thing is, none of this should be news. We've known since Paris Hilton's Sidekick was hacked in 2005 that personal data on handsets can be stolen and made public, or used for fraudulent purposes. A growing number of enterprises - whose employees use BlackBerries and other smartphones for business purposes, as well as laptops to access corporate LANs via Wi-Fi - have become aware of the problem and are turning to mobile device management solutions, among other things, to protect themselves.

Cellco as device manager

Consumers, however, are currently on their own. And while consumers tend to understand at some fundamental level that they need to think about security for their PCs and laptops - installing anti-virus software, making sure their Wi-Fi access points are encrypted, etc - the same can't be said for their attitudes towards handsets.

Marko Rapeli, global sales director for F-Secure's mobile solutions business group, told me last month that one reason consumers don't equate PC security with smartphones is because most people still see their handset as an extension of the service provider - which it is, in the sense that the operator's SIM card is inside the phone. But consumers don't think that way. If the handset has problems, most people call the cellco, not the handset maker or the apps developer.

Which means, of course, there's a potential business opportunity here for cellcos.

Cellcos could be proactive and assume the role of device manager, offering services like remote lockdown and even data-wipes to keep people from accessing data on your lost or stolen handset (ideally bundled with an automatic content backup service).

 

Vodafone in the UK already does this, albeit only for enterprise customers with Windows Mobile devices.

The challenge is that selling security is hard. Like insurance, many people tend not to see the value in it until it's too late. But even if it's more of a customer-service differentiator than a revenue generator, there's value in that. Over time, of course, consumers will learn to protect themselves against malware, and handset makers will add their own security features like biometric scanners. Until then, cellcos should be doing what they can to make the mobile universe a safer place to work and play.

Suggested Articles

Wireless operators can provide 5G services with spectrum bands both above and below 6 GHz—but that doesn't mean that all countries will let them.

Here are the stories we’re tracking today.

The 5G Mobile Network Architecture research project will implement two 5G use cases in real-world test beds.