Mobiles and the cloud: the perfect combination for secure access?

finger print identification

Security remains the big bugbear for cloud but current work could mean that mobiles are the authentication devices of the future

More often than not, when the words 'mobile' and 'cloud' are uttered in the same breath they are usually accompanied by 'security concerns' as well.

Take, for example, when we reported here at Cloud Pro last year how the Lumension commissioned State of the Endpoint survey raised concern over the uptake of mobile devices as endpoints and warned that 'a perfect storm for hackers to capitalise on' was brewing. Fast forward to 2012 and it looks like the relationship between the mobile and cloud worlds is becoming rather more stable.

First there was the news from Franco Bernabe, chief executive (CEO) of Telecom Italia, who gave a keynote at the Mobile World Congress in Barcelona last month in which he insisted that mobile operators could become the next generation of cloud service providers. Bernabe also touched upon security, suggesting that the cloud could be useful in providing something that was external to provider sites but with an overriding view of all network issues.

And now the Cloud Security Alliance (CSA) is bigging up mobile as the authentication platform of choice for the cloud. During a presentation at the CSA Summit in San Francisco during the annual RSA conference earlier this week, a panel of security experts bemoaned the use of weak passwords to protect cloud data and promoted smartphones with biometric security such as a fingerprint scanner, or perhaps the kind of facial recognition systems found in the latest Android-driven handsets, could be a much stronger way to secure access to cloud-based data.

The CSA mobile computing initiative aims to conduct the kind of research necessary to enable clouds of mobile devices to ensure secure mobile endpoints, as well as look at ways of using them as authentication platforms in the first instance. Everything from cloud-based mobile device management to securing the deployment of software to handsets will be looked at in depth. Ultimately all this will lead to the publication of guidelines for a  mobile device security framework as well as some kind of secure mobile cloud architecture.

There are, of course, a few caveats to the mobile platform security suggestion. Not least that most smartphones have yet to incorporate any kind of durable and effective biometric security measures. That said, mobiles as authentication devices is by no means a pie in the sky idea and is already a reality across some industry applications outside of the cloud. Throw in the 30,000 or so members of the CSA and given enough encouragement, the future could be looking bright for mobiles and the cloud.

Read more about:

Sign up for our free newsletter