Convenience trumps common sense in mobile security arena

Juniper hopes to overturn bad common sense with new mobile security suite, to be pushed down by service providers

Mobile security is becoming an increasing concern among Australian consumers and enterprises, but few are willing to take the steps necessary to keep their information safe, according to research from Unisys.

According to the October 2010 report of the biannual Unisys Security Index, only 18 per cent of Australians claimed to regularly use and change passwords on their mobile devices, while 58 per cent admitted they never changed their security.

Some 37 per cent claimed to use “hard to guess” passwords while using the internet, while 60 per cent limit the personal information they post to social networking websites, according to the report.

The survey also found 56 per cent of respondents are concerned about misuse of their personal information, in circumstances such as identity theft.

Australia’s overall security index - comprising all major forms of physical and cyber security - remained stagnant at 123, lagging behind the global average of 128, but ranking fourth behind the likes of Brazil, Germany and the United States. However, the area of key concern from the report was the lax attitude toward mobile security.

“Australians are quick to embrace new technology,” John Kendall, Unisys Asia Pacific national security program director, said in a statement. “However there appears to be a lag between adopting new gadgets, such as smartphones, and implementing appropriate security measures – even if it is as simple as using a password.”

That isn’t entirely the fault of consumers - there are few adequate security measures currently available on popular smartphones beyond basic password protection - but Juniper Networks system engineer, Tim Nagy, told Computerworld Australia users still failed to exercise common sense in many cases.

“There’s no security product that can protect you if you leave your PC or mobile unlocked so there is still some user responsibility to make they’re following best practice,” he said.

“Mobiles, being portable in nature, lend themselves to being lost more easily and as more an more people store sensitive data on their phones - for example banking data - it’s easy to leave your phone somewhere where it can easily be taken.”

Juniper is one of several vendors to have added security portfolios by acquisition this year, purchasing smartphone security company, SMobile Systems, for $70 million in July. Unlike Intel’s $7.68 billion merger with McAfee, however, Juniper’s acquisition has already borne fruit in the form of Junos Pulse Mobile Security Suite. The cross-platform software is intended to deliver on-device security for enterprises and service providers to provide features including remote wipe and lock, SIM card change monitoring, and device location awareness.

While some analysts have argued security should be filtered through back-end networking equipment, Juniper instead hopes to proliferate the security capabilities to the individual devices of both enterprise employees through the business and consumers through the provider without intrusion. Nagy claimed the top-down approach to security would not be able to cope, even for mobile devices.

“I think a lot of carriers are conscious about security and indeed are working towards securing mobile handsets, but we have to remember this is now an internet connection,” he said. “With the increasing amounts of bandwidth that carriers have on mobile networks these days - many many gigabits [per second] - it’s impossible to manage security down to individual handsets on an aggregate scale.

“Given the scale of how the internet is increasing bandwidth-wise, I’m not 100 per cent sure that we’ll ever be able to move that entirely into a carrier.”

Nagy conceded the suite would duplicate some of the security features already available on select platforms, but ultimately provide a more holistic way of securing mobile platforms at the enterprise and service provider level.

The software will be released with compatibility for BlackBerry, Android, Symbian, and Windows Mobile 6.X, with iOS compatibility lagging until early next year due to development constraints with Apple’s app approval process. Juniper is planning Windows Phone 7 compatibility but Nagy couldn’t confirm when it will be released or how far along development currently is.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitymobile securityunisys

More about AppleBlackBerryIntelJuniperJuniperMcAfee AustraliaSymbianUnisys Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by James Hutchinson

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place