The Tablets’ Wider Impact on Enterprise IT

With the introduction of the Apple iPad, Cisco’s announcement of the Cius (pronounced “Me-too”), and plans for similar tablet devices from HP, Avaya, and others, it is clear that the industry is catching on to the idea of a new, intermediate size mobile computing platform. Based on that we are now seeing the beginning of a second wave of developments, as Juniper Networks announced it has entered into a definitive agreement to acquire Columbus, Ohio-based SMobile Systems, Inc., a privately held software company focused on smart phone and tablet security solutions. The total transaction will be approximately $70 million in cash.

The industry has been wowed by the tablet devices themselves, with the result that most have overlooked the ripple effect surrounding their adoption in the enterprise. The SMobile deal should start us looking at what other ancillary markets might be impacted by the move to tablets. The major element driving this is the fact that tablets will run the same mobile operating systems as smartphones. The most obvious outgrowth will be mobile applications, which can now be enhanced based on the larger screen size available on a tablet versus a smartphone.

The SMobile deal can potentially revitalize the market for mobile device security that has languished since its inception. Smartphone security has long been a thorn in the side of enterprise security managers and CSOs. Smartphones can store considerable amounts of sensitive information and run operating systems and applications that are susceptible to viruses and malware, much like desktop PCs. Further, they require onboard encryption, remote wipe capability, strong passwords, along with policy enforcement or the ability for enterprise security managers to ensure those capabilities are actually being used.

SMobile provides security software for mobile devices running the Apple iOS, Blackberry, Android, Windows Mobile, and Symbian operating systems protecting them from viruses, spyware, and other threats, while providing those essential enterprise policy controls. Juniper plans to integrate the SMobile portfolio into their Junos® Pulse software platform that will deliver “ubiquitous connectivity, security and acceleration to smart phones, tablets, netbooks and notebooks.”

Of course, SMobile is not alone in providing mobile device security software. Similar capabilities are available from companies like Symantec, Computer Associates, F-Secure, Handango, and McAfee. It’s a safe bet that one or more of those companies are on Cisco’s acquisition radar, though Cisco’s mobility focus is routinely drowned out by their single-minded “videophoria.”

Mobile device security software has been around for years, it’s just that nobody bought it; industry estimates are that fewer than 5% of smartphones have any third-party security software. Mobile malware first appeared in 2004 with the Cabrir worm that targeted the Symbian operating system, and since then hundreds of new and derived exploits have appeared with creative names like “Skuller,” “Comwar,” “Flexspy,” and “Brador.” Most of those targeted the Symbian or Windows Mobile operating systems. One Windows Mobile Trojan called “Crossover” actually entered through the PC and infected the mobile device during an Active Sync process and then erased all files in the My Documents directory.

Juniper quotes industry analyst firm Infonetics Research as predicting the mobile client security market will grow to more than $1 billion by 2014, but that growth will be coming from almost zero. The problem is that protecting a mobile device was almost as expensive as protecting a laptop, and since none of these mobile exploits was widely promulgated, the threat was not recognized as severe. As a result, security professionals took other steps to protect information on mobile devices and the mobile devices themselves, most typically buying BlackBerries and taking advantage of the security capabilities inherent in the BES, or providing user training on safe practices for mobile devices (i.e. “Don’t leave them in the cab!”).   

For their part, the handset manufacturers are taking steps to deliver a safer mobile environment by vetting applications and controlling distribution through vehicles like the iTunes store. That approach is being followed by Apple, RIM, and soon Microsoft with the introduction of Windows Phone 7. Open environments like Android or non-Apple sanctioned applications for jailbroken iPhones do raise serious security questions, particularly the possibility that unscrupulous developers might distribute applications with built-in back doors or other security exploits. One of the areas we are watching closely with platforms like Android is the access applications will have to other information (e.g. data, contacts, security settings, etc.) on the device.

Embarrassing as it may seem, businesspeople may have overlooked the security vulnerabilities of smartphones simply based on the size--“How can something that small be a security risk?” However, a tablet is almost as big as a laptop, and that visual association may finally put mobile devices on the security radar. That development bodes well for vendors who can offer protection for those mobile operating systems, as they may finally get the attention they have long deserved.