DOC RABE Media - Fotolia

Built-in mobile security features put power in users' hands

Recent advancements in mobile security technology allow smartphone vendors to offer more built-in features, such as the iris scanner in the new Samsung Galaxy Note7.

Today's smartphones have more advanced security features than ever before, which help IT departments -- and users themselves -- better protect devices and data.

Built-in features, such as biometric authentication and file-level remote lock, wipe and encryption, are especially useful for businesses that haven't invested in enterprise mobility management (EMM). The mobile security features in the new Samsung Galaxy Note7, for example, include an iris scanner, web-based remote lock and wipe capabilities, and the encrypted Secure Folder.

"Secure Folder may be one of the better features to come out for Android smartphones in quite some time," said Jack Narcotta, analyst at Technology Business Research Inc., in Hampton, N.H.

Secure Folder allows users to protect data and apps by storing them in an encrypted area of the device that requires an added layer of authentication to access. It uses a sandbox approach with Samsung KNOX's encryption technology to keep the content separate from other data and apps on the device. Users have control of the Secure Folder's contents and who has access to it, but IT departments could encourage its use to take advantage of an added layer of protection, Narcotta said.

For example, IT could advise users to store apps that have company financial information, such as expense-report apps, in the Secure Folder. 

"If you're a small business with no EMM, you're jumping all over this," Narcotta said.

Biometric authentication steps up

''Biometrics have become increasingly helpful in securing mobile content and devices. This kind of authentication is ideal for enterprise mobile security because it doesn't take away from the user experience," said Michael Oh, CTO and founder at TSP LLC, an Apple reseller based in Boston.

If you make it hard to use, you'll turn away people, but you have to also be able to say it's secure.
Michael Ohmanaging CTO and founder, TSP LLC

"That's the fine line that every vendor should abide by," Oh said. "If you make it hard to use, you'll turn away people, but you have to also be able to say it's secure."

Prior to Apple's introduction of the Touch ID fingerprint scanner in 2013, most iPhone users opted to not have passwords on their devices, because it was inconvenient. If a user's phone was lost or stolen, and it contained corporate data, that information was available to anyone who found the phone.

Samsung is taking the next step in biometrics by adding the ability to scan a user's eyes. The Galaxy Note7 uses the iris scanner and fingerprint scanner interchangeably to allow users to unlock the device and certain applications. Secure Folder, in addition to Samsung Pay, will support the iris scanner in the future, Samsung said.

"The retina-scanning capabilities that are emerging right now are, without question, way more advanced and secure," said Eric Klein, director of mobile software at VDC Research Group Inc., in Natick, Mass.

Managing lost devices

It's also important to be able to remotely manage lost devices in case hackers use workarounds to get past authentication layers.

Samsung's Find My Mobile app, available on the Galaxy Note7, is similar to Apple's Find My iPhone app, which allows users to locate any iOS or OS X device they own via GPS tracking. Through the Find My Mobile website, users can lock a device until they track it down, or they can wipe its contents completely. Remote lock and wipe are basic features of EMM, so the ability to use them in this manner will appeal to smaller businesses that haven't adopted EMM, Klein said.

"That is a feature that will be welcomed by consumers, but IT as well, because phones are lost all the time," he said.

Next Steps

The Samsung Galaxy Note7 has an edge

Biometric authentication boosts mobile security

Four tips for better Android security

Dig Deeper on Enterprise mobile security