{"id":49286,"date":"2016-02-01T00:00:00","date_gmt":"2016-02-01T00:00:00","guid":{"rendered":"https:\/\/www.techopedia.com\/5-solutions-to-counter-mobile-security-threats\/"},"modified":"2023-08-16T16:34:44","modified_gmt":"2023-08-16T16:34:44","slug":"5-solutions-to-counter-mobile-security-threats","status":"publish","type":"post","link":"https:\/\/www.techopedia.com\/2\/31449\/security\/5-solutions-to-counter-mobile-security-threats","title":{"rendered":"5 Solutions to Counter Mobile Security Threats"},"content":{"rendered":"

Threats to mobile security<\/a> are becoming varied and stronger. Managing mobile security is a big challenge for a number of reasons. Traditional IT security and mobile security are different propositions to a great extent. That is why the approach to mobile security needs to be different. A number of strategies are being implemented, including dual OS, remote wiping<\/a>, secure browsing and app lifecycle management<\/a>. While enterprises are working on improving security practices, awareness needs to grow at the individual level as well. (For the latest on mobile technology, see Mobile Technology: Top Twitter Influencers to Follow<\/a>.)<\/p>\n

Implementing Secure OS Architecture<\/span><\/h2>\n

Implementation of a secure OS architecture has already begun with iPhones<\/a> and the latest Samsung Galaxy Android<\/a> smartphones implementing the feature. The iPhone and the Samsung Galaxy smartphones have two OSs: one OS is known as the application OS and the other is a smaller and more secure OS. The application OS is where smartphone<\/a> users download and run their apps, while the second OS is used to handle keychain and cryptographic<\/a> functions as well as other high-security tasks.<\/p>\n

According to a white paper on Apple\u2019s secure mobile OS, \u201cThe Secure Enclave is a coprocessor fabricated in the Apple A7 or later A-series processor. It utilizes its own secure boot and personalized software update separate from the application processor.\u201d<\/p>\n

So, the secure OS communicates with the application OS over a shared, and probably unencrypted, memory space and a single mailbox. The application OS is not allowed to access the main memory of the secure OS. Certain devices such as the touch ID sensor communicate with the secure OS over an encrypted channel. Samsung Galaxy smartphones use the TrustZone-based Integrity Measurement Architecture (TIMA) to verify the Android OS\u2019 integrity.<\/p>\n

Since a large number of financial transactions happen over mobile devices, the dual OS system could be extremely handy. For example, in the case of a credit card transaction, the secure OS will handle and pass the credit card data in an encrypted format. The application OS cannot even decrypt it.<\/p>\n

Introducing Encryption and Authentication<\/span><\/h2>\n

Encryption<\/a> and authentication<\/a> have been implemented in smartphones to some degree already, but these steps are not enough. Recently, different concepts have been implemented to make encryption and authentication more robust. One such concept is containers. Simply put, containers are third-party applications that isolate and secure a certain portion of a smartphone\u2019s storage. It is like a high-security zone. The goal is to prevent intruders, malware<\/a>, system resources or other applications from accessing the application or its sensitive data.<\/p>\n

Containers are available on all popular mobile OSs: Android, Windows<\/a>, iOS<\/a> and BlackBerry<\/a>. Samsung offers Knox, and VMware<\/a> provides containers for Android from the Horizon Mobile technology. Containers are available both for personal use and at the enterprise level.<\/p>\n

Another way of encrypting mobile devices is to introduce compulsory encryption. Google is doing that with Android Marshmallow, and all devices that run Marshmallow are required to make use of full-disk encryption<\/a> out of the box. Although earlier Android OS versions allowed one to enable encryption, i.e. since Android 3.0, the option had two limitations: one, it was an optional task (only Nexus devices were shipped with encryption already enabled) so users did not usually enable it, and two, enabling encryption was a bit too technical for many typical users.<\/p>\n

Implementing Network Security and Secure Browsing<\/span><\/h2>\n

From the mobile device user\u2019s point of view, there are a number of ways to browse securely:<\/p>\n