The Grace Period On Mobile Security Is Over

A recent article in GCN stated that the “grace period on mobile security is over”. So what exactly does this mean?

When a new technology is developed, there is a grace period of about five years where malware and hackers are less common on the device, says GCN reporter William Jackson. After those five years are up, which for mobile was around last year, malware attacks and hacking are seen at an increased rate.

If you’ve been reading the news lately you probably agree that hacking has been making the headlines more frequently. The News. Corp. phone hacking scandal started it off and recently there was the Anonymous breach of the Scotland Yards and FBI call. Since smartphones have more capabilities than just calls, there are more ways for hackers to breach mobile devices. A recent study found that almost all paid and the majority of free Apple and Android apps have been hacked.

What The NIST Recommends With Recent Report

Smartphones are indispensible for businesses and individuals and are continually being used in new ways to communicate. Unlike smartphones, the grace period for computers and laptops has been over for a number of years now so those devices are increasingly able to protect against malware. Smartphones need to have the same increased level of protection on the device to secure and protect data from hacking and malware.

“Current mobile devices lack strong roots of trust that are increasingly found in laptops and other types of hosts,” the National Institute of Standards and Technology (NIST) stated in its recent report. “These roots of trust are hardware and software components that are secure by design and are trusted to perform one or more security-critical functions.”

“All components of these technologies, including client devices and BYOD devices, should be secured against expected threats as identified through threat models,” said the report. For now, the NIST has created standards along with the Digital Government Strategy to get ahead on mobile security and to make sure that the communication benefits of mobile are not taken over by the inherent risks that could threaten business and personal data.