Why Smartphone Security Has to Come Front and Centre - gHacks Tech News

Why Smartphone Security Has to Come Front and Centre

For the last few days I've been using the new beta update to Microsoft's smartphone operating system, Windows Phone, on my HTC handset.  I've written a full hands-on review of this 'Mango' update at our sister website Windows7News.  It's a great update and finally brings full cloud services to smartphones with the integration of SkyDrive and Office 365 into the Office Hub.

Here you can update and edit Word, Excel and PowerPoint documents you have stored in the cloud and it's the one feature I've been looking forward to the most.  I have for many years had spreadsheets that I want to use on the move and used this facility as far back at the late 90's with handheld computers like the Psion Series 3.  Needless to say then I found that the omission of this feature from Windows Phone at launch, and the inability to be able to transfer and sync documents with PCs made the Office hub almost completely unusable for me, and a waste of time.

smartphone securityNow though I have full access to these spreadsheets.  I've stored them on SkyDrive ever since I first installed Office 2010 on my PCs.  The main reason for doing this was security, with the files not actually residing on my computers and hidden behind a password and encryption there, the theft of anything from my home wouldn't reveal personal and critical financial data to others.  How could anyone resist the opportunity to make their financial data so secure!?  There was also the added benefit of having access to these spreadsheets on any device and from anywhere in the world.  This is something I have also found extremely useful when on trips and holidays.

What I really wanted though was to be able to carry these files around with me too, on my smartphone.  After all, this is what a smartphone is for isn't it?

You would imagine then that now I have achieved spreadsheet nirvana I would be ecstatic and as happy as happy can be.  You might be surprised then to hear that I'm feeling quite the contrary.  In fact I'm now deeply concerned about the security of these files, and it all comes down the lack of adequate security features in the smartphone OS itself.

Now I won't speak about iOS or Android here, though all smartphone and tablet operating systems have got some faults in this area.  I'll concentrate here on Windows Phone.  With this operating system you have a simple choice between ease of use and secure and safe, but sadly it's very difficult to have both together.

What upsets me so much is that true spreadsheet nirvana for me would be an incredibly simple thing to achieve, if only Microsoft would put in one or two tiny little features to the main lock screen on the OS and one more feature to their Office Live platform.

At the moment the way things stand is like this.  You have a choice of either a lock screen that you swipe up to unlock the phone, or a lock screen that swipes up to reveal a numeric keypad onto which you have to type a code.  The latter of these two options is fully secure but the former will just allow anybody access to all your files and data.

You would imagine then that I would have my phone behind a password, to be safe and secure.  I don't do this though as I use my smartphone an lot, an awful lot in fact and for a great many different things.  The process of having to swipe the lock screen up and then type in a password is annoying, cumbersome and frankly too much to ask people to do.

This makes me think of Android phones I have used where unlocking the phone involves swiping your finger across the screen to make a pattern that you yourself can set.  This is what I would call secure and with this I would be very happy.  A very similar feature to this is being added to Windows 8, or so it appears, but so far (and we should remember that Mango is still in beta, though Microsoft have a history of only releasing 'near final' betas these days) there's no similar feature in Mango at all.

What Mango does bring to the table is the option to only ask for the password after X minutes of inactivity.  The options only go up to 30 minutes however, which may seem fair enough.  It is at least a huge improvement over what we had before.  It's not configurable enough for many people though and will need to be looked at.

Then there's the problem that the phone will automatically show, on it's Office hub main page, links to every file and document I store in Microsoft's cloud services.  There's no option to hide any or just show some.  It's all or nothing with this OS!

The other problem resides with Microsoft's Office Live service.  This service is still failing to support passwords on documents.  This would make the problem go away for me (though it still wouldn't sort out everything else on my phone being easily accessible to a thief).  This means that anyone clicking a link to a file on my phone will find that the file just opens for them, straight away and without worry.

It amazes me then that security on Smartphones is still not being given the importance by many companies that it truly deserves.  We're all doing more and more with our smartphones these days and many people are literally carrying their entire lives around in their pockets, unsecured and open to theft and abuse by anyone that finds or steals the handset.

This situation has simply got to change, and change quickly.  If Microsoft, Apple and Google are ever going to convince the world, especially business, that their smartphone platforms are 'the way forward' then they need to bring security front and centre.  Unless and until this happens we're all in trouble.

Summary
Why Smartphone Security Has to Come Front and Centre
Article Name
Why Smartphone Security Has to Come Front and Centre
Description
For the last few days I've been using the new beta update to Microsoft's smartphone operating system, Windows Phone, on my HTC handset.
Author
Publisher
Ghacks Technology News
Logo

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. ilev said on July 3, 2011 at 7:48 pm
    Reply

    I wouldn’t use Office 365 on Mobile or PC

    Microsoft admits Patriot Act can access EU-based cloud data

    At the Office 365 launch, Gordon Frazer, managing director of Microsoft UK, gave the
    first admission that cloud data — regardless of where it is in the world — is not
    protected against the USA PATRIOT Act.

    It was honestly music to my ears. After a year of researching the Patriot Act’s
    breadth and ability to access data held within protected EU boundaries, Microsoft
    finally and openly admitted it.

    The question put forward:

    “Can Microsoft guarantee that EU-stored data, held in EU based datacenters, will not
    leave the European Economic Area under any circumstances — even under a request by
    the Patriot Act?”

    Frazer explained that, as Microsoft is a U.S.-headquartered company, it has to comply
    with local laws (the United States, as well as any other location where one of its
    subsidiary companies is based).

    Though he said that “customers would be informed wherever possible”, he could not
    provide a guarantee that they would be informed — if a gagging order, injunction or
    U.S. National Security Letter permits it.

    He said: “Microsoft cannot provide those guarantees. Neither can any other company“.

    While it has been suspected for some time, this is the first time Microsoft, or any
    other company, has given this answer.

    Any data which is housed, stored or processed by a company, which is a U.S. based
    company or is wholly owned by a U.S. parent company, is vulnerable to interception
    and inspection by U.S. authorities

    http://www.zdnet.com/blog/igeneration/microsoft-admits-patriot-act-can-access-eu-based-cloud-data/11225

    1. ilev said on July 3, 2011 at 7:52 pm
      Reply

      p.s It applies to data on SkyDrive too.

  2. Markus said on July 6, 2011 at 12:15 am
    Reply

    As if Android users care about your problem/s with microsoft crapware.
    Get a real smartphone.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.