Blackberry & Apple Triumph in Enterprise-Ready os Battle in the Run-Up to Infosec 2012
New pre-show research from industry analysts and Trend Micro reveals which platforms are secure and manageable enough to use at work
Highlights of the findings
The platforms were each scored on a combination of factors including built-in security, application security, authentication, device wipe, device firewall, virtualisation, and many others. BlackBerry attained the highest average score (2.89), followed by iOS (1.7), Windows Phone (1.61) and Android (1.37)
The findings are summarised below:
BlackBerry - The researchers commented that corporate-grade security and manageability make this platform the option of choice for the most stringent mobile roles. However, many features and protections that are commonly enabled or enforceable via the BlackBerry Enterprise Server (BES) are not present on devices that are user-provisioned via BlackBerry Internet Services (BIS). In fact, some of the strongest features restricting high-risk activities that users may undertake, such as removal of password protection for the device, may be rendered inactive if a user's device is not provisioned via the BES.
Apple - The iOS application architecture natively provides users much protection because all applications are "sand-boxed" in a common memory environment. Security in iOS also extends to the physical attributes of the iPhone and iPad. There are no options for adding removable storage, which in effect provides another layer of protection for users. Apple also compares favourably to BlackBerry insofar as the BlackBerry IT administrator has complete control over the device, whereas in iOS, the IT department can only configure items once the user has supplied their permission.
Windows Phone - Microsoft has learnt the lessons of the past and created a reasonably robust and secure smartphone operating system in Windows Phone. The OS uses privileges and isolation techniques to create sandbox processes. These "chambers" are based on a policy system that, in turn, defines which system features the processes operating in a chamber can access.
Android - Although Android is now available in more recent versions (4.x), version 2.x is still the most widely deployed on existing and new handsets. This is a security risk in itself; there is no central means of providing Operating System updates, meaning that many users remain unprotected from critical vulnerabilities for a prolonged period. On the plus side, it is a privilege-separated operating system and applications can't access the network without prior consent. Apps run in their individual sandboxed environment and permissions are granted by the user on a per app basis. Unfortunately the end user often fails to closely inspect the permissions request dialogue in their haste to use the app. It is often unclear, when permissions are given, what the application is actually capable of.
Nigel Stanley, Practice Leader - Security at Bloor Research and one of the report's authors, said "Security people I work with are scared witless by consumerization and the rapid adoption of these devices. Aside from the technical challenges, organisations need to understand the importance of a decent mobile device security policy and supporting user education."
Raimund Genes, CTO at Trend Micro and one of the researchers who produced the report, commented: "Against the growing, unstoppable backdrop of consumerization and BYOD, every mobile device is a risk to business. What is interesting in these results is that, whilst some mobile platforms have evolved very noticeably along enterprise lines, there is still a strong 'consumer marketing' legacy in some quarters and this is negating some of the progress made on the enterprise front. Indeed, some of the attributes we have examined in the report are still firmly 'enterprise-unready.'"
The report is available from www.trendmicro.com/.... - N.B.
- It forms the first in a series of announcements from Trend Micro in the run-up to, and during, InfoSec 2012
- These announcements will also include the unveiling of brand new industry research by Forrester into the cost and value to businesses of consumerization/ Bring Your Own Device (BYOD)
InfoSec 2012 takes place on 24th - 26th April 2012, at Earls Court, London. Trend Micro's stand is E10 and will contain live demos of the Trend Micro solutions that address the challenges of consumerization and BYOD.
TREND MICRO Deutschland GmbH
Trend Micro Incorporated (TYO: 4704;TSE: 4704), a global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits our customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro(TM) Smart Protection Network(TM) cloud computing security infrastructure, our products and services stop threats where they emerge - from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.
Additional information about Trend Micro Incorporated and the products and services are available at TrendMicro.co.uk. Or follow our news on Twitter at @TrendMicroUK.
Press releases you might also be interested in
Weitere Informationen zum Thema "Sicherheit":
Auswirkungen der EU-DSGVO auf die Sicherheitsarchitektur
Sie wirft ihre Schatten voraus, die EU-Datenschutzgrundverordnung, deren Anforderungen Behörden, öffentliche Stellen und Unternehmen bis zum 25. Mai 2018 erfüllen müssen.Weiterlesen