Authentication takes center stage for mobile device security
Imagine that your smartphone is lost, or your tablet is stolen. Aside from the cost of the device itself, what else is at risk? How much sensitive personal data do you have stored on your smartphone or tablet?
Of course you have sensitive information stored on your mobile device. One of the primary benefits of carrying the mobile device in the first place is to have that information at your fingertips. That isn’t the real issue, though. The $37,000 question is, “What protection do you have in place to ensure unauthorized users can’t gain access to your sensitive information?”
It’s a $37,000 question because $37,000 is the average value users placeon the data stored on their mobile devices. A survey in late 2011 asked users to assign a value to the personal photos, music files, bank and investment account data, social network access, contact information, and other sensitive and irreplaceable data stored on a mobile device, and the average result was $37,438.
The first step to protecting the information on your mobile devices is to recognize that the mobile device is essentially still a computer—just a smaller, more portable version. It connects to the Internet, runs applications, and stores gigabytes of data. With that in mind, you should have a cross-device security tool in place to guard your mobile devices against exploits and malware just like you protect your PCs.
Even with a reliable security platform in place, though, authentication plays a major role in preventing unauthorized access to the content of your mobile device. The security tool can detect malware, and block suspicious activity, but if someone steals your smartphone, or finds your tablet lying on a park bench, and they’re able to simply tap or swipe to open it and gain access to all it holds, the security tools you have won’t help you.
You need to have some sort of PIN or passcode protection in place to make sure only you can open and access the device. The problem with PINs and passcodes, however, is that they can be guessed or cracked. That’s why companies like Microsoft and Apple are focusing on stronger authentication technologies.
Apple acquired Authentec—a company that makes fingerprint sensors—in July for more than $350 million. This week, Apple signed a deal with Microlatch to develop fingerprint reading authentication technology for NFC (near field communication) applications. Meanwhile, Microsoft has purchased PhoneFactor—a company dedicated to creating multifactor authentication technologies for mobile devices.
Many argue that tapping in a PIN, or activating facial recognition, or swiping a pattern on an image are all too much effort. They feel that these security controls impede the functionality and detract from the convenience of using mobile devices. The reality is that protecting the device from unauthorized access only adds a few seconds, and those who can’t spare a couple seconds for the sake of security are the ones who will be faced with that $37,000 question when their mobile device is lost or stolen.
More users should be using the access control features available already. Regardless, though, it’s promising that the mobile device vendors and mobile OS developers seem to understand the importance of authentication, and are apparently willing to exchange some convenience for better security on mobile devices.