There’s been a minor flurry of activity in the mobile security space lately. On the vendor side we have McAfee’s acquisitions of tenCube and Trust Digital and Symantec’s investment in Mocana (Symantec’s acquisition of VeriSign’s security business has mobile implications as well). In other developments, we have the new ruling that it’s legal to jailbreak your (i)phone and AT&T’s breach of iPad owners’ personal data, and you can see that the mobile security space is getting interesting.
Many of the vendor moves in this area – including, but beyond, the acquisition and investment activity mentioned above – are merely extending anti-malware to the smartphone. We’re still in the early days for mobile malware, and it’s premature to expect much traction by providing malware protection on the smartphone (as I blogged about here).
But mobility means a lot more than “yet another device,” one you happen to carry with you that can be compromised by similar techniques to those affecting personal computers today. Mobility implies multiple devices and anywhere access, among other things. These have implications for the kinds of security solutions to deliver: sanctioned access, not sanctioned devices; services, not just products; synchronization, not backup; and so forth.
I still see too much focus on remote lock/wipe/disable as the only unique element of a mobile security play – useful, to be sure, yet this is a feature that will quickly be subsumed by carriers and manufacturers, leaving little room for independent vendors.
Where do you see mobile security going? What aspects – for the enterprise or consumer – would you like to see Forrester research further?