Study into the Implications of Smartphone Operating System Security

Recommendations

Info

Study into the implications of Smartphone operating system security Network-based Technology Network-based protection technologies serve two main purposes: 1. Protect the MNO’s infrastructure from security threats 2. Protect their customer’s mobile devices from security threats This includes protection against spam and malware. There are also solutions to detect and manage fraud before it gets to the Smartphone. There are also ancillary benefits to the MNO and these are mainly related to Quality of Service (QoS) purposes. Spam and Malware is taking up valuable bandwidth on the MNO networks and technology that prevents malware and spam from infecting customers’ Smartphones can be used to remove traffic that is classified as non-generating revenue. There are a number of technology vendors that are successful in this sector including: Blue Coat Technologies Adaptive Mobile Cloudmark The technology can scan the MNO’s network in an attempt to prevent and contain spam and increasingly, malware. Scanning can take place at both the messaging, for SMS, MMS and email, or at the mobile internet levels. They all develop solutions that generally tightly integrate with core network infrastructure supplied by vendors such as Ericsson and Huawei. Fraud Management Related to anti-spam and anti-malware network protection is fraud detection and management, commonly known as Fraud Management Systems (FMS). According to one of the leading suppliers of network-based anti-fraud solutions, Subex, “global fraud loss is estimated to be approximately 5 percent of telecoms revenue annually”. To combat fraud within the network, MNOs have adopted technology that allows them to be proactive for both detection and prevention. Network-based anti-fraud measures include: Stopping fraudsters at the point of activation Minimising fraudster’s time on the network Building strong profiles of fraudster credential and behaviour to quickly recognise repeat offenders Goode Intelligence © 2013 P a g e | 95 www.goodeintelligence.com
Study into the implications of Smartphone operating system security Enforcing strong governance, thereby deterring internal employees from committing or colluding in fraud Implementing efficient and early fraud detection Continuously monitoring both internal and external entities Employing strong deterrents, including taking action against employees and legal proceedings against external fraudsters, both externally and internally, to minimise future frauds Blocking lost and stolen Smartphones Lost and stolen Smartphones are probably the biggest mobile phone security threat within the UK at the moment. If you can render that lost or stolen device useless once the customer has reported its loss then that device can lose its resell value. MNOs have the ability to block stolen devices. All mobile phones, including Smartphones, have a unique number called the IMEI. The GSMA maintains a global database of lost or stolen devices, a ‘blacklist’ using the IMEI as the unique identifier. This is called the GSMA IMEI DB. MNOs can access this database to check whether a device that is not on their own database has been blacklisted. MNOs can choose to operate their own database of lost and stolen database and this is commonly referred to as ‘Equipment Identity Registers (EIR)’. Operators have the option of connecting their local EIR to the GSMA IMEI DB. Every time a Smartphone connects to the mobile network it will transmit its own unique IMEI number and during this process should check the EIR to verify whether the device has been blacklisted, e.g. is categorised as being lost or stolen. This is classified as having a mobile phone ‘blocked’. It is illegal and a criminal offence in the UK to ‘unblock’ or offer to ‘unlock’ a phone. If implemented and enforced correctly than this system for blocking lost and stolen Smartphones offers a serious countermeasure to the threat of lost and stolen Smartphones. Consumer awareness Consumer awareness, in partnership with technology controls, is an important aspect in preventing and controlling threats to the security of Smartphones. This section outlines some of the consumer awareness practices that are currently place in the UK. It is difficult to gauge the effectiveness of consumer awareness practices without carrying out very specific consumer market surveys. Goode Intelligence © 2013 P a g e | 96 www.goodeintelligence.com
Page 1 and 2:
www.goodeintelligence.com £ Study
Page 3 and 4:
Study into the implications of Smar
Page 5 and 6:
Page 7 and 8:
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46: Study into the implications of Smar
Page 95: Study into the implications of Smar
show all

Study into the Implications of Smartphone Operating System Security

Create successful ePaper yourself

Delete template?

Save as template?