FCC, FTC Reviewing Mobile Device Security Update Process
Several IT analysts told eWEEK that the joint FTC and FCC action on mobile device security procedures is a good idea. "Given the security risks facing the average consumer who uses their mobile device to go online or downloads and uses mobile apps, there clearly is a need for better understanding of what their device's vulnerabilities are and how much they can count not only on their device maker but also on their mobile service provider to keep protections up to date," said Bill Menezes, an analyst with Gartner. "This seems primarily a response aimed at the Android community given the platform's fragmentation among different device makers and different devices," he added. "But it makes sense even for the more unified OSes, [such as] iOS and Windows Phone, to provide perspective about the threats to them, their known vulnerabilities and how quickly they address them on a day-to-day basis." Another analyst, Rob Enderle of Enderle Group, told eWEEK that existing security update processes for mobile devices today are generally inadequate. "Some vendors like Apple and BlackBerry try to drive a more aggressive schedule, but the carriers seem to do their best to assure there is no consistency with regard to when or even if upgrades are done [on a] timely [basis]," said Enderle. "The end result is that massive numbers of people are exposed because of untimely or missing patches. It is well past time when the FTC should have taken interest in this but it is also better late than never."Charles King, principal analyst at Pund-IT, said the reviews are particularly smart because of the importance of mobile devices in people's lives today. "With vendors promoting an increasing range of mobile device processes, including using smartphones for banking and retail payments, ensuring safe and secure transactions is a critical issue the FTC [and FCC] should be monitoring." As the agencies evaluate and tighten the system, said King, it will be interesting to see how regulators keep up as scammers up their game to defeat tighter security in the future. "It will also be interesting to watch how vendors respond to this move, particularly Apple, which lately has had a thorny relationship with some federal agencies."
Enderle said it will be interesting to see what the agencies learn. "I expect they'll be appalled at how bad this is now and try for a massive change," he said.