Gartner Blog Network

What You Hold In Your Hand Can Be a Lot More Secure Than What You Open on Your Lap

by John Pescatore  |  July 21, 2011  |  1 Comment

From a security perspective, Blackberries and iPhones are light-years ahead of a Windows laptop. RIM and Apple have had the advantage of controlling both the hardware and the operating system, whereas Windows grew up in a time when the mantra was that the OS had to run on any commodity hardware that met the basic BIOS and PC specifications. Over the years Windows had to maintain backwards compatibility with previous versions of a wildly evolving operating system, and Microsoft jammed more and more application-level functionality into the OS as part of its strategy to compete. All of these are major factors in why, even today, it is difficult to keep a Windows PC secure.

RIM and Apple came along with very restrictive models, dictating the hardware and software combination and making it much harder (but not impossible) for users to load arbitrary executables – and, lo – the market loved it. The safety of being able to click on an app without having it explode in your face or mail your credit card number to criminals in Russia or China by far outweighed the fact that you only have 500 games to choose from, not 5,000.

This is not to say these devices are invulnerable – just as Windows can be rootkitted, iPhones can be jailbroken. Blackberry has had exploitable software vulnerabilities as well. However, the change in the model has shifted the risk on these phones from a focus on malware to a focus on protecting the data on the device. The biggest risk is physical loss of control of the device (theft, misplacement, phones that show up on eBay with all data on them, etc.), which puts a premium on local encryption and access policy support – not on adding layers of ineffective anti-malware software like in the PC days.

Droid came out and tried to go back to the wild, wild days of the PCs (any hardware! many versions of the OS! no restrictions on apps!) and immediately got hit by malware. The market has already said “hey, where’s your App Store??” and Amazon and others have already started to offer App Stores for Droid.

This is huge – it is like users choosing cars that get high mileage and safety features over convertibles and roll-over prone SUVs. The market is driving smartphones in a much safer direction – the trick is for IT to be able to react and embrace this trend, vs. fight it and try to apply old world PC thinking to how these new devices should be managed and secured.


John Pescatore
VP Distinguished Analyst
11 years at Gartner
32 years IT industry

John Pescatore is a vice president and research fellow in Gartner Research. Mr. Pescatore has 32 years of experience in computer, network and information security. Prior to joining Gartner, Mr. Pescatore was senior consultant for Entrust Technologies and Trusted Information Systems…

Thoughts on What You Hold In Your Hand Can Be a Lot More Secure Than What You Open on Your Lap

  1. […] Android, however, has bucked that trend, with an anything-goes focus and handling surroundings ethos, that recalls Windows. “Droid came out and attempted to go behind a wild, furious days of a PCs (any hardware! many versions of an OS! no restrictions on apps!) and immediately got strike by malware, and a marketplace has already pronounced ‘hey, where’s your App Store??’ and Amazon and others have already started to offer App Stores for Droid,” pronounced Pescatore in a blog post. […]

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.