IT Security? There’s an app for that!

August 2, 2010

I’m sitting at my desk with two smartphones by my side. One is a Google Android (the HTC Desire) and the other is an Apple iPhone (3GS). The aPad (not iPad), a seven-inch tablet computer, completes the ensemble. What do all three devices have in common that my Dell laptop and Samsung netbook do not? They all run apps – software that has been coded by a variety of developers and which is not designed to run as a normal piece of code under, say, Windows, but runs as extensible code over an embedded firmware-based operating system.

Security apps are well-poised to drive tomorrow’s business IT security appliances.  Check Point has just become first out of the gate with an app-driven version of its software blade technology. Known, logically enough, as the Application Control Software Blade, the blade server gives organisations access to security apps that have been developed by third parties through a free “AppWiki” service. AppWiki is the blade’s equivalent of the Android Market and has 4,500 apps plus 50,000 widgets as of its launch on August 2. The technology was acquired last November from FaceTime Communications, the same company that cleverly licensed its name to Apple for use on the iPhone 4 video calling service.

According to Check Point, the reason for launching AppWiki – along with its security apps and widgets – is that office Internet usage has changed dramatically with the widespread adoption of social media and all manner of new Internet applications.

Whilst these Web 2.0 tools are valuable methods of communication, collaboration and meet legitimate business needs, Check Point argues that they also open the door to a number of emerging threat vectors.

I think the firm is right too – just as Google changed the smartphone marketplace with its Android mobile operating system a few years back, I think the AppWiki platform could represent a turning point for the IT security appliance industry.

I recently interviewed Gabi Reish, Check Point’s global director of security about the move into the world of apps. Reish told me the open source nature of the AppWiki environment is something that he expects to take off. Given that users of software blades can develop their own apps – much like Android users can for their Google-compliant mobile devices – I don’t think he’s far wrong.

This leaves Computer Associates, Microsoft and other “commercial” software companies firmly in the starting gate, as apps are clearly now “where it’s at” on consumer portable devices. Other smartphone vendors – the big boys such as Motorola and Nokia – are probably watching developments of this IT security seachange very carefully.

Did I mention that most of the apps were free?

Some argue that translating the apps revolution to a desktop-and-server environment will involve a leap of faith on the part of IT managers, but I suspect the free aspect of the AppWiki platform will drive it into the stratosphere.

The $64,000 question is, of course, who vets the apps?  Mr Reish wasn’t able to say much about this, because like the Android Market, the AppWiki platform is largely self-regulating. Ironically, however, since the apps and widgets are running on a “soft” security appliance, logic suggests that the platform will verify an app’s integrity before it executes the code.

So: am I right or wrong? Is app security going to be the next big thing? Time alone will tell…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: