On 11 March 2015, the FIC Observatory organised an event with the theme “Security and Mobility”. The speakers were Patrick Chambet, Head of Information Systems at C2S, an IT subsidiary of the Bouygues group, and Head of the Security Centre; Jérôme Notin, CEO of Nov’IT and Head of Uhuru; and Clément Saad, Founder and CEO of Pradeo Security Systems and winner of the FIC 2015 Innovative SME Award.
With the democratisation of smartphones, the mobile technology market is enjoying a growing boom. It even constitutes a new paradigm: the mobility paradigm. Nevertheless, this evolution involves new uses and new obstacles to securing data and communications. States, companies and individuals are directly confronted with new problems concerning the integrity of their personal and professional data.
Today, mobile devices form an integral part of a veritable material and logistical ecosystem of interest to a number of companies dedicated to security. Several approaches to securing smartphones and tablets have been observed. The fact that the British Government Communication Headquarters (GCHQ) obtained SIM card encryption keys made by Gemalto does well to explain the interest in this subject.
Containerisation, BYOD, MDM, creation of catalogues of secured applications and even intervention in the operating system on the kernel level represent major solutions. Some solutions are additive, and each one presents an original approach to securing information. However, from a technical perspective, each alternative also calls for significant investment in research and development. A strict policy must also be established upstream by each company, especially concerning storing files on company telephones only.
In securing mobile devices, three factors must be considered, in addition to the end user: the fast pace of the mobile market, the industry, and the network infrastructure through which data passes. Indeed, so many devices come out every year that it is difficult to develop and implement solutions tailored to each smartphone. This is a major problem for companies wishing to bring their fleets up to date with the most technologically advanced devices available. Here, a relatively simple solution can be considered: using two different telephones for two different uses. Moreover, the companies working to protect these mobile devices have not yet had any impact on infrastructure.
New possibilities are also opening up thanks to the development of connected objects. Yet, they too are vulnerable. Smart cities, like the one designed by Samsung are likely to generate substantial amounts of data. This means that they represent a new mobility-related security challenge.