siliconindia logo
CIO City >>  Expert  >>  

Gopakumar Panicker

"Mobile devices are providing an exciting opportunity to enterprises to improve productivity"

Mobile devices to minimize threat, loss and risk
Today, mobile devices are providing an exciting opportunity to enterprises to improve productivity and efficiency by employing them in key processes. However, they also bring challenges in terms of security of data and are also testing traditional security processes and structures developed and operated by companies.

Key security challenges:
1. Multiple platforms, user preferences, cannot be standardized
2. Users prefer native rich experience, restrictions cause user dissatisfaction
3. Ability to provide a seamless experience without compromising data security
4. Fragmentation of platforms create support challenges
5. Traditional security architectures are not designed for mobility interactions

When we look at statistics of online ecommerce transactions, over 30 percent of transactions are now originating from mobile devices. And we are bound to see a gradual increase in the ratio of people transacting from mobile devices. As the new generation starts creating information directly on mobile devices, dependency on traditional laptop model will reduce. We are also witnessing banking transactions through mobile devices through native applications or HTML5 based interfaces. Newer technologies like NFC, Apple’s iBeaconwill reduce cash and card transactions and will open-up a new era of smart transactions, customer loyalty
and customer engagement.

Mobile devices in the enterprise – checklist for securing them • Create an enterprise mobile strategy and roadmap
• Develop a mobile device policy based upon the strategy and company’s roadmap
• Encourage security & security testing as key component of mobile application development
• Segregate personal data and company’s data, implement adequate protection
• Implement a BYOD program based on the mobile device policy

As we see more and more devices and applications used in the enterprises, we will see rise in malicious applications, Trojans affecting mobile devices too. Hence it’s important to define
security of applications and application stores. Companies need to plan and include these aspects as a part of the overall enterprise security architecture. Until now we have seen attacks targeted on Windows based applications and infrastructures because of large market share. However the penetration of Android and iOS devices to consumers and enterprise is now a target area for attackers.

By putting the right policies, processes and infrastructure in place companies can exploit benefits of the mobile devices in the enterprise, while limiting exposure to security risks. If executed poorly, the personal device usage strategy could cause intentional or unintentional leaks due to thin boundaries between personal and professional information. Deploying an MDM or DLP will not provide sufficient protection against these advanced threats. We need to start right from the root and ensure that security of the foundation is strong