Mobile security: Isn’t the small screen dead?

Within two or three years, most mobile phones on the market could well be ‘smart’, complete with diary and calendar features, web browsers and support for email.

Already, smartphones are outselling handheld computers, although handheld computer sales continue to grow, especially in the business market. Vertical applications – such as field sales force or service automation – are driving interest in both classes of device. Add to this support from most of the main business software companies, such as SAP, Oracle, Siebel Systems and PeopleSoft for mobile access to their products, and the number of jobs that employees can do away from the office is increasing.

However, not all business tasks originally based around the desktop PC or terminal will translate readily to a mobile environment. Inevitably, this means compromises.

Although technologies such as XML (extensible mark-up language) and portal development tools make it easier to present data to a range of different devices, the various PDAs and phones on the market have varying capabilities.

Screen sizes and formats differ widely, for example. Smartphones tend to have smaller screens, although the latest multi-function phones are very close to PDAs in capabilities. Some PDAs still retain the clamshell and keyboard design pioneered by companies such as Psion, whilst others are pen-driven.

Designers of mobile applications also need to take connectivity into account. While an office PC is invariably connected to the internal network, allowing easy access to server-based data and applications, this is not the case for mobile devices. Even today’s GPRS and emerging 3G networks have coverage holes, and connectivity is charged based on data transfer rates.

This means that mobile applications must minimise data transmission volumes, and ideally work offline too. This allows employees to continue to use the device when they are away from coverage or in an environment where connectivity is not possible, such as during a flight. But to do this requires an application to run locally on the device, and store data there too.

This adds to development costs, and may also limit functionality. This compromise will be acceptable to many CIOs, but security is one area where compromise is not an option.

A browser-only solution brings some advantages in security terms, as little or no information needs to be kept on the mobile device itself. But once an application keeps data on the device, the smartphone or PDA needs to meet enterprise-level security requirements.

Applications such as encryption, VPN connectivity and even biometric identification are available for most of the mobile operating systems. Installing them does add cost and complexity to a project – but it is far cheaper than the consequences of a security breach.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics