Yesterday's road warriors lugged laptops, but a growing number of mobile professionals now carry internet-capable PDAs and smartphones. These increasingly usable and well-connected mobile devices are finally seeing significant business action. But most lack the basic security measures widely used to protect laptops. Many companies have started to recognize the risks posed by unsecured mobile devices used for business. ISPs can tap this new revenue opportunity by offering mobile security solutions.
A growth market
Until recently, PDA and smartphone adoption moved slowly, hampered by limited device capabilities and slow wireless links. But last year, device and network innovations finally put a kink in that curve. According to Canalys, global PDA and smartphone shipments jumped 75 percent between 3Q04 and 3Q05.
By mid-2005, Gartner estimates that PDA adoption had reached 47 million—about half the installed base of laptops.
Many mobile devices are purchased by individuals, without employer funding or blessing. But business use is quite common, especially among executives, sales, and other on-the-go workers. In a Pepperdine University survey, 38 percent of US professionals said that they had used their PDA to access their company's network. By 2007, IDC predicts that 90 percent of enterprise mailboxes will be accessed from mobile devices.
This surge in mobile device use is creating many new revenue opportunities, from mobile network services and business applications, to mobile device management and security. Gartner reports that mobile data protection sales were greater in 2004 alone than for the previous three years combined, and IDC projects that $1 billion will be spent on mobile device security in 2008. A diverse crop of security software vendors, old and new, are jockeying for position in this growth market.
ISPs are in a great position to re-sell and deploy mobile security products to individual subscribers, SMBs, and enterprise customers. Doing so can expand an ISP's portfolio, make existing internet service packages more attractive, and avoid customer erosion by 3G wireless carriers. For example:
* Any ISP that already sells secure remote access services or software for laptop users can complement that offering by adding similar measures for PDAs and smartphones, helping to retain customers as workforces shift to using mobile devices.
* ISPs can capitalize on today's unmanaged mobile device fleet to fix a growing problem not yet addressed by corporate IT. Customers who appreciate the risk but lack mobile security know-how may be happy to offload that job to a service provider with whom they have an existing relationship.
To help you determine whether mobile device security represents an opportunity for your business, this article explores today's mobile devices, their built-in security features, and after-market products that can be used to augment those capabilities.
Mobile devices and operating systems
Personal Digital Assistants (PDAs) and cellular phones are rapidly converging into what many generically refer to as "smartphones." Gartner defines a PDA as a data-centric handheld that may include a cellular radio. IDC considers any device that offers cellular voice to be a mobile phone or a converged device (aka smartphone). No matter how you slice the pie, many mobile devices shipping today offer more than one wireless interface:
* Bluetooth for peripheral (e.g., earbud or PC) connection,
* Wi-Fi for internet hotspot and corporate WLAN access, and/or
* 2G/3G wireless for voice, messaging, and mobile packet-switched data.
Older devices relied on "graffiti" pen-strokes or telephone keypads, but newer devices use thumb-wheel menu navigation and tiny QWERTY keyboards to better support e-mail and other text-based business applications. Personal Information Manager (PIM) applications (e.g., contacts, calendars, tasks) are still common, but are now frequently accompanied by internet clients (e.g., web browser, POP/SMTP e-mail, instant messaging (IM)), multimedia applications (e.g., media player, photo capture), and document viewers or editors (e.g., Acrobat, Office Mobile). Of course, the data associated with these applications also requires space: 64 to 128 MB of RAM and 2 GB removable storage are now typical.
Mobile devices are not limited to these factory-installed applications. A healthy crop of after-market consumer and business applications have emerged for mobile devices that offer APIs and SDKs for third-party development.
However, porting applications to mobile devices is no simple task—capabilities vary across devices and models, and processors and operating systems are very different. Most of today's mobile devices run one of the following operating systems:
http://www.isp-planet.com/technology/2006/mobile_security_1a.html