Overview of Data Connections and Mobile Device Security

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

It is increasingly common for sensitive corporate data to be stored directly on mobile devices. That means that your security deployment needs to have the capability to protect devices accessing corporate data in both online and offline mode as follows:

  • An online device is one that is actively connected to a network. This can be any type of network capable of transmitting data either to or from the device.

    The most common data network interfaces are Wi-Fi and standard mobile data networks (3G and 4G/LTE), though there are other ways of transmitting and receiving data on a mobile device. These include Bluetooth; short message service (SMS); multimedia message service (MMS); and tethering or synchronizing a device to another device, such as a laptop.

    When a device is online, your security deployment needs to protect data and applications on the device, as well as provide protection for data as it transits the network.

    Modern smartphones have a wide range of data connectivity options.

    Modern smartphones have a wide range of data connectivity options.

    Over the next few years, many mobile operators will be transitioning from their current 3G networks to faster, higher-capacity 4G/LTE networks. These networks are significantly faster than the 3G networks they are replacing, opening up a huge wave of additional smartphone capabilities and, more than likely, additional security concerns along with those capabilities.

  • An offline device is one that is not actively connected to any network. In this case, the potential attack vectors (methods by which a device can be accessed for malicious purposes) are limited because there is no way to get data onto or off of the device. Loss, theft, and dormant malware are still issues to be concerned about with a disconnected device.