Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Entrust CEO: Mobile more secure than desktop for protecting systems against malware

Derek du Preez | June 11, 2013
Bill Conner said “malware is in the network, you can’t stop it”

Entrust CEO Bill Conner is pushing enterprises to recognise that desktop's are no longer the most secure way to assure an employee's identity and that instead they should be looking to mobile devices for sophisticated protection against malware.

Conner and Entrust argue that mobile phones and the software they run on have been engineered in a way that makes it far more difficult for malware to infiltrate all applications, due to a lack of shared memory. In addition, analytics can be used to ensure that access to critical systems is only granted in certain situations.

In an interview with Computerworld UK, Conner said that companies and governments need to recognise that malware is always going to get into the network and that they need to focus their efforts on securing the identities of individuals through mobile.

"All these malwares are attacking identity - if I can get through the perimeter, what am I going after? I'm going after your digital identity. Our assumption is that the malware is in the network, you can't stop it, if they want in they're getting in," he said.

"Once they are in they have compromised your identity. Is that your employee doing it or is it some malware guy? You administrator will not see them doing things because he or she thinks it's you."

He added: "We are trying to get away from naming the malware and figuring out what it does, and move to figuring out how they are coming in and what we do to secure your systems."

Conner said that the media is convinced that mobile is the most insecure platform on the planet, but he is adamant that it is far more secure than desktops and laptops. He recognises that there are elements of mobile that you can break - SMS, directory, photos - because these all utilise shared memory.

Bill Holtz, Entrust SVP and COO, agreed with Conner and explained why mobile should be recognised as the superior platform for identity assurance.

"The mobile device is architected very differently to a Windows desktop or laptop. Each mobile application lives within a sandbox and at the moment there is no way for malware to jump from one application to another, which isn't the case for Microsoft applications, where you can use malware to elevate your privileges," said Holtz.

"The only vulnerability that lies within mobile applications are the ones that use shared memory - and we know which ones those are. The other apps aren't in shared memory and they are isolated, sandboxes."

Entrust also believes that because of the functionality on mobile phones - such as GPS, Bluetooth, biometrics - they act as a great tool for enabling enterprises to recognise who an individual is through the use of analytics.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.