Tech In Motion Chicago hosted a panel this summer to discuss the future of mobile in regards to security. A recent Cisco study showed that "by the end of 2014, the number of mobile-connected devices will exceed the number of people on earth, and by 2018 there will be nearly 1.4 mobile devices per capita." With all this growth, companies are taking larger strides in determining how to make sure their mobile sites and applications are both secure and scalable in order to meet demand. Tech in Motion members in Chicago got to hear about the topic from some top mobile security experts in their field:
- Richard Rushing is the Chief Information Security Officer of Motorola Mobility.
- Andrew Hoog is CEO/co-founder of viaForensics, a mobile security firm whose mission is to advance mobile security worldwide.
- Amit Shah is the Co-Founder and CTO at Vaporstream.
- John Storozuk is a Senior Security Product Manager for Product Security at BlackBerry.
To kick the event off, Andrew with viaForensics did a live cell phone hack of an iphone where he was able to go into the phone's pictures, contacts, emails, etc. He essentially downloaded a corrupt RSS feed and gained access to that secure data through it. According to Andrew “Your phone knows you better than your spouse. How well do you know your phone?” Because of this, it becomes all the more necessary to take precautions to guard yourself against an attack.
One of the attendees asked our panel the pertinent question of how, as a mobile user, you can best secure your data. Our panelists answered “iOS (iPhone) encrypts by default. Always make sure you use a passcode – this is just a basic precaution. For Android, turn the encryption on in the settings. Only about 1-3% of Android users use this feature.”
According to Richard, there is a general lack of concern about security in some sectors. The devices that we use know us so well and if someone is a hacker, it’s a dream that all of the info that we cherish is kept in one spot that goes with you from place to place. Take a look at security - even with PCs – they have had the same problems forever. Mobile has better platforms for security than PCs ever did.
Another topic that seems to be a buzzword right now in mobile is the idea of BYOD (bring your own device). According to John, BYOD allows users to choose their own device but in order to implement this in the most secure fashion, the best practice is for the corporation to tell its employees which devices are more “secure” and more easily managed by the IT department. Andrew suggested that companies take BYOD one step further and implement BYOS (bring your own security) which allows companies to turn their employees and customers into the first line of defense. He feels that BYOS is a game changer.
Amit was able to give his opinion regarding security from a startup perspective. Basically, startups look at the security dilemma as “I need security but I need money.” Most startups aren’t evaluated on security until it’s too late. They have real decisions that have to be made as an app developer, and these decisions need to be made based on a balance between security and functionality. His advice was to be sure to at least protect yourself (your app) against the most basic attacks.
After the panel discussion wrapped, there was some great Q&A from our attendees and the event ended with additional networking. Thank you to everyone who came out to our mobile event! Please check out what Tech In Motion was up to in August while exploring the ed tech field in Chicago.
As always, a huge thank you to our sponsors Workbridge Associates, Jobspring Partners, Chicago SmallBizDev Hackathon and headline sponsors Microsoft and BlackBerry for their generous financial support. Also thank you to Bonfire Wines who was onsite sampling.