Study into the Implications of Smartphone Operating System Security

Recommendations

Info

Study into the implications of Smartphone operating system security An overview and analysis on UK regulatory and institutional responsibilities for Smartphone security Key Findings UK regulatory and institutional responsibility for Smartphone security is shared across a number of bodies that include: Telecommunications regulators: o Office of Communications (OFCOM) o PhonepayPlus Date Protection and Privacy: o The Information Commissioner’s Office (ICO) Financial regulation: o Financial Conduct Authority (FCA) o Prudential Regulation Authority (PRA) Trading standards: o Office of Fair Trading (OFT) Fraud: o National Fraud Authority (NFA) o Police Authorities The following table, ES5, summarises key UK regulatory and institutional responsibilities for Smartphone security by matching major Smartphone security risks against legislation and its responsible institution. Goode Intelligence © 2013 P a g e | 23 www.goodeintelligence.com
Study into the implications of Smartphone operating system security Table ES5: UK legislation and Smartphone security Smartphone security risk Applicable legislation Unpatched Smartphone Unclear Unclear Lost and stolen Smartphone (leading to potential loss of privacy, identity and data) Telephony Financial (Premium Rate Services) fraud Loss of privacy (due to Spyware and Malware Criminal law for theft Data Protection Act Communications Act 2003 PhonepayPlus Code of Practice Data Protection Act 1998 Communications Act 2003 Computer Misuse Act 1990 (Police and Justice Act 2006) Financial services (banking) fraud Financial Fraud Act 2006 Institution Responsible Shared between: Police Service The ICO FSA PhonepayPlus PhonepayPlus Ofcom The ICO Ofcom CPS FCA & PRA National Fraud Authority (NFA) Source: Goode Intelligence © 2013 Ofcom has a statutory duty to further the interests of citizens in relation to communications matters. Ofcom is also guided by a regulatory principle to research markets constantly and aims to remain at the forefront of technological developments. Goode Intelligence believes that current legislation should be sufficient in dealing with current Smartphone security issues. There does not seem to be any major holes in current legislation that could result in a disparity between the technology and the governing framework. However, this must be constantly reviewed in light of emerging, sometimes disruptive, technology that could alter the effectiveness of regulation and legislation. Related to legislation is education (engagement) and enforcement; educating affective parties as to the nature of legislation by engaging with all parts of the ecosystem and enforcement once there has been a breach (either intentional or unintentional). There is a question on whether providers of Smartphone services, including the Smartphone OS vendors, Smartphone OEMs and mobile app developers (including suppliers of OTT services) are adequately regulated. Goode Intelligence © 2013 P a g e | 24 www.goodeintelligence.com
Page 1 and 2: www.goodeintelligence.com £ Study
Page 3 and 4: Study into the implications of Smar
Page 23: Study into the implications of Smar
Page 75 and 76:
Study into the implications of Smar
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
show all

Study into the Implications of Smartphone Operating System Security

Create successful ePaper yourself

Delete template?

Save as template?