Brown’s Bytes – The Picnic Problem


14th July 2017

A recent blog titled “The iPhone at 10: Still No Major Malware” was an interesting perspective on iOS and how it is often seen as the most secure Mobile OS.

It’s a view I come across a lot when speaking with customers – in particular when we talk about Mobile Threat Detection. Often the response is “what really is the risk?”

For the record, I do agree that iOS is the most secure Mobile OS. However, I’ve also seen what is possible when it is compromised and I wouldn’t want to put it out in the wild without a security solution on it any more.

There are many reasons for this, but the major one would be the old IT support adage – PICNIC (Problem in Chair, Not in Computer).

Apple makes the user king on iOS – it is one of the reasons why Enterprises have traditionally struggled to mould the OS into their locked down corporate requirements. This is therefore the key weakness of the OS.

The OS security is only as good as the user who is using it.

Malware, sideloaded apps, man-in-the-middle Wi-Fi, etc, are often designed to be initiated by the user overriding all the security controls in the OS.

What was particularly interesting about this blog was that it’s been put up by Intego. They specialise in selling security solutions such as antivirus and firewalls for the Apple Mac. Not so long ago the same “what’s the risk” argument would have been used for MacOS and yet here we are with an ecosystem of AV for Mac. There was a tipping point where that view could not be sustained and the need for Mac security was accepted.

Mobile operating systems are at this tipping point. I would strongly suggest you get in touch to see how you can easily deploy security solutions to protect your Mobile estate.