There’s already been a lot written and said about the potential for mobile malware and the need to better secure next-generation handheld devices, but other than some beta-type anti-virus programs and the work of handset makers and carriers to control the applications that end up on their phones, there hasn’t been a lot of work done to address the emerging threat.
Enter some influential (European) mobile consortiums — specifically the Open Mobile Terminal Platform (OMTP) group and the Next Generation Mobile Networks Alliance (NGMN).
Together the members of the two organizations represent a veritable who’s who of the wireless set, with companies including Alltel, AT&T, China Mobile, Docomo, Ericsson, KPN, Intel, LG, Motorola, Nokia, Orange, Qualcomm, Sony, Sprint, Telefonica, T-Mobile and Vodafone involved in the two groups (with many of those companies involved in both efforts).
OMTP and NGMN Alliance specifically announced plans to work together to “enhance the industry’s awareness of device and network security in next generation mobile networks.”
Moving forward, the consortiums said that they are planning to combine efforts to bolster wireless security by promoting industry recommendations on mobile and network security, which they said will help allow for enhanced mobile applications and a safer environment for developers, operators and consumers.
Forgive me for playing the role of the cynic, but I’d feel a lot better about the whole deal if they had some more specific goals, but I suppose the whole thing is just getting started.
“The NGMN is a complimentary organization to the OMTP. We have like-minded individuals, a similar membership and a mission to enhance the mobile experience for all parties involved in mobile, from developers to the end user,” said Tim Raby, managing director of OMTP, in a statement. “We hope to raise device security up the agenda, ultimately delivering a better and safer user experience.”
NGMN Operating Officer Peter Meissner followed, “The OMTP’s recommendations are valuable and respected within the industry. The security recommendations are widely seen as the baseline for device security across the industry. Security within the network and device is critical for the NGMN Alliance’s road map especially in the light of the uptake of future mobile applications such as Mobile Web 2.0, Mobile TV and more.”
Previous predictions of a torrent of mobile malware haven’t yet proven true, but researchers have seen some signs recently that attackers have begun trying to subvert .MOBI Web sites designed for use by mobile devices.
And the security of data stored on board wireless handsets is certainly already an issue, given how easy it is to leave one in a cab, and how many companies are required to report leaks of potentially sensitive corporate information.
So far there hasn’t been a big rush to lock down the devices further, but it’s certainly encouraging to see some of the big names getting on board with this type of work before the inevitable happens.
Because you know it will…
Matt Hines has been following the IT industry for more than a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.