The Android mobile platform and its oft-publicized security limitations, along with those of other mobile operating systems (OSs), are guaranteed to be a hot topic at this year’s Interop event. After all, they have even caught the attention of the American Civil Liberties Union (ACLU), which filed a complaint against the four major cellular carriers in the U.S. for not doing enough to protect the private information of subscribers using the Android OS.
The security concerns associated with Android shouldn’t shock anyone. We’ve known there were problems for a long time now, and other popular platforms like iOS are not immune either. But, thanks to the bring-your-own-device (BYOD) and consumerization of IT trends, the implications of such issues are now much more significant. Enterprise network security architects and managers are limited in their abilities to secure certain remote access connections due to the lack of open APIs for security relevant functions, such as VPN and Device Firewall, in most mobile platforms. This also means that neither carriers nor enterprises can effectively deploy and manage such features built into a mobile OS to meet their specific security needs. So, if they choose to stick with the native security functions, if they exist at all, they are at the mercy of many limitations.
The consumerization of mobile devices has led to another serious side effect: significant relevant security functions, required by major industry verticals and government entities around the world, are missing in action.
It is clear that BYOD is no passing fad, and that companies in every industry must find ways to make it work without compromising their IT infrastructures and the sensitive data contained within them. With each passing day, more and more organizations recognize the need to go beyond the one-size-fits-all approach that comes with most mobile devices and OSs, and instead focus on technologies that combine the security they need with the convenience users demand. Additionally, the mobile device industry must be more concerned and engaged in endpoint protection strategies and technologies if these limitations are to be permanently fixed.
How and when the industry addresses these issues remains to be seen, but it is evident that BYOD and the consumerization of IT will not slow down to let Android, iOS or any other platform catch up. This means that businesses must take a proactive approach to meeting the security needs that the mobile platforms’ built-in features cannot presently live up to.
Keep your ears and eyes open at Interop Las Vegas 2013 – we think this security topic will prove to be among the most popular.