News that a set of cell phone security specifications have been drawn up and are set to be officially unveiled next month looks good on the surface, but IT managers shouldn’t confuse this with any kind of immediate remedy to their mobility-related maladies.
The specs are slated to be announced at the CTIA Wireless show next month in Los Angeles. They will collectively be known as the Mobile Security Specification and will set out dictates around how manufacturers should lock down some of their phones’ most important components, such as operating systems. Some of the key backers of the standards include such industry heavyweights as Nokia and Samsung.
Good news, right? Yes. But when placed in the wider context of the mobile security landscape, it begins to look as big as a rowboat on the edge of the horizon.
Consider that none of the key manufacturers have stated they will indeed be incorporating the specs into any of their phones anytime soon. They’re talking the mobility security talk, but will they walk its walk? We simply don’t know yet. So hold off on the streamers and confetti for now.
Also consider that there is absolutely no guarantee that all cell phone manufacturers will adhere to the guidelines. Sound familiar? Sure it does. Just about every useful IT innovation that has required vendor consensus has had its development and implementation hijacked by vendors, all attempting to force their version of a solution upon customers — and thereby line their pockets with the proceeds. Should we expect this example to be any different? Hardly.
Most importantly, consider the timing. The specs are only being announced next month, at a time when the industry is already feeling the effects of mobile viruses. Just this month, McAfee warned of a new one known as “SMiShing”, a form of phishing attack that can open up cell phones to hackers.
Even if all the cards fall perfectly and the new specs are implemented ASAP, we’re still looking at a minimum of two years before the suggestions are turned into widely used cell components. The industry is simply too late on this one. The train’s gone, the threat is here. Had the mobile industry had more foresight, perhaps the phones we’re toting today would already be loaded with the right protection.
But then again, with the revenues that cell phone makers have been reeling in for the past decade, why would they have troubled themselves with that little issue?