How Mobile Devices and Cloud Computing Changed Security
June 12, 2018
Lead Tech Analyst
Prior to the advent of mobile computing, security was limited to corporate IT assets that were often physically secured in facilities owned and managed by the company. According to a recent SANS Institute study, organizations spend as much as 12 percent of their IT budget on security.
In a Ponemon Institute study, it was found that organizations have a 27.7 percent probability of having a material data breach in the next 24 months at an average cost of $3.62M.
Meanwhile, the world of computing has changed. Security is not just about physically secure data centers and corporate controlled computing assets. Instead, end users have gone mobile, connecting to cloud enabled services, often with their own personal devices. And with the rise of the Internet of Things, there will be billions of connected computing devices on the planet in the next several years.
The primary consequences of applications getting hacked include financial loss, destroyed brand reputation, exposure to liability, and regulatory risk. Over 7 billion identities have been stolen in data breaches over the last eight years equal to one data breach for every person on the planet. Meanwhile, mobile’s rapid expansion has introduced a complicated and potentially hostile environment that is difficult to manage and protect.
64 percent of security practitioners said they were very concerned about the use of insecure mobile applications in the workplace with an average of 472 mobile applications reported as actively used in organizations.
Prior to the advent of mobile computing, security was limited to corporate IT assets that were often physically secured in facilities owned and managed by the company, on a network behind a managed firewall, and possibly in a datacenter with multi-factor access, physical security, and armed guards. Because the company owned those assets, they were able to dictate what applications could run on those machines, and actively manage and monitor them, providing the latest patches, endpoint security, and other controls dictated by corporate IT. Assets located in such places were implicitly trusted.
Today, the situation has changed. Mobile devices dominate the market, often as the primary or only way users access the Internet and the many cloud services available. These devices also have very little, if any, physical security. It is a well-worn path hackers use to access such devices to reverse engineer or tamper with the applications running on them, often through rooting, jailbreaking or hoodwinking the user.
This shift has created all sorts of new business models to take advantage of the popularity of mobile devices.
These new business models come with new security problems:
- New forms of payment using near field communications (NFC) on mobile devices are becoming popular in recent years. These applications require that credentials to authenticate users must be stored on the device. If those credentials are compromised, then a hacker can execute fraudulent transactions.
- Mobile devices are being used in the automotive industry to enable remote parking from your smartphone. A compromise of the device could pose a serious safety risk.
- In healthcare, patients are using mobile devices to manage sensitive information collected from various devices ranging from fitness monitors to blood glucose monitors to improve care and create data driven treatment options. A compromise of such a device can lead to a loss of privacy and sensitive information. Or even worse, if a device is hacked, it could potentially lead to life-threatening consequences for the patient.
Internet of Things
By 2025, the total global worth of IoT technology will reach USD 6.2 trillion with the most value coming from health care devices (USD 2.5 trillion) and manufacturing (USD 2.3 trillion). Meanwhile, we see a persistent lack of IoT security investment with 67 percent of medical device makers expecting an attack on their devices while only 17 percent taking measures to prevent an attack. These numbers are staggering when you consider U.S. hospitals have an average of 10 to 15 connected devices per bed with some hospitals registering 5,000 beds — totaling 50,000 connected devices per hospital.
Furthermore, traditional security solutions do not port well to the IoT world, due to differences in system architectures and resource constraints. Therefore, IoT security solutions have not evolved enough and are prone to numerous vulnerabilities.
Sign up for Analysis on the Best Tech Stocks
I’m an industry insider who writes free in-depth analysis on public tech companies. In the last 12 months, I predicted Facebook’s Q2 crash, Roku’s meteoric rise, Uber’s IPO flop, Zoom’s IPO success, Google’s revenue miss and more. Be industry-specific. Know more than the broader markets. Sign up now. I look forward to staying connected.
If you are a more serious investor, we have a premium service that offers institutional-level research and entry/exit options. This membership offers a competitive edge in identifying growth opportunities and reducing risk in the tech sector. Learn more here.
More To Explore
SentinelOne: Excessive Valuation Overshadows a Stellar Product
Cybersecurity firm SentinelOne had a its public offering late last month. The product is very promising as it automates cybersecurity, reducing human errors, fatigue and head count. However, the valua
Top Tech Stock News: 7 Things You Missed This Week (20-Sep-2019)
1. Amazon Altered Search Algorithms to Promote Certain Products
How to pick long-term stock winners in cloud computing
Cloud software stocks suffered a reversal that has produced losses of close to 50% from record highs.
What Happened to Splunk Last Week? Earnings Review
Splunk Inc’s (NASDAQ: SPLK) shares are currently trading at $118.46 which represents flat gains over the past 12-months basis compared to the broader market returning f...
How Driverless Cars will put Mobile Security to the Test?
As GM CEO Mary Barra said in a keynote speech, “A cyber incident is a problem for every automaker in the world. It is a matter of public safety.” As Tesla, GM and many ...
Press Announcement: Official Launch of I/O Fund and Audited Results
This week we’ve got big news to share. First off, my team has released audited performance results that outperformed $ARKK since the Fund was founded on May 9th, 2020 and we are currently beating the
Microsoft Earnings Likely to Prove Cloud Isn't Slowing Down
This week, Microsoft’s earnings will shed light on whether the fear over cloud valuations is warranted or not.
Governments won’t be able to stop Facebook and Google from abusive tracking on smartphones — but Apple could
Another day, another headline saying Alphabet’s Google and Facebook are being investigated for allegedly breaking privacy laws and engaging in anti-trust behavior.
Uber IPO: Record-Breaking For All the Wrong Reasons
By now, investors know that Lyft’s ride-sharing IPO didn’t reach $100 per share like many of the media talking heads stated it would, and this will likely weigh on Uber...
Why Robotaxis in 2020 Are Impossible and More Truths About Autonomous Vehicles
This last week, we saw Tesla take advantage of the lack of information available on autonomous vehicle technology. Unfortunately, the facts around autonomous vehicles a...