Ask some device manufacturers about the security of their mobile and embedded devices and they’re likely to tell you about their encryption strength. Then they will probably stop talking.
 
Such an approach is seriously lacking. You could have the most advanced car alarm in the world, but it would be completely worthless if you leave the keys in the door. While no system is ever 100 percent secure, you’ll get the best results from a comprehensive security effort that addresses all of the factors, including technical limits, hackers, and the behavior of your users.

Encryption is just one tool for addressing security issues. It’s impossible to know what tool is right for the job unless you’ve done a comprehensive security analysis. Developers working on new products or adding features go through a formal design process with extensive review by team members before writing any code. A similar process is essential for addressing – and preventing – serious security issues in Windows Embedded CE and Windows Mobile devices.

In the next few blogs, I’ll offer five steps to follow to maximize security on your mobile device.  Stay tuned.

. . . . . . . . . . . . . . . . . . . . . . .
Steven Yee, CISSP
Engineering Manager
Professional Engineering Services
BSQUARE Corporation | Contact Me!