In today’s increasingly global and connected world, security threats can come from all manner of sources. The widely-reported cyber attacks on banks and TV stations in South Korea in March were generally thought to be the co-ordinated work of a foreign government looking to bring down the Asian country’s infrastructure. Yet enterprise businesses adopting mobile strategies also face a significant threat to their security and one that is much closer to home: from employees within their own organization.
The trend to Bring Your Own Device (BYOD) to the workplace opens up greater flexibility, but can also compromise a company’s networks, systems and data. New research from Infonetics has found that managing and securing “rogue” devices connected by users was one of the key drivers for deploying mobile device security for 72% of the 103 medium and large companies interviewed by the research company in the US and Canada. Infonetics estimates there will be around one million malicious or high-risk apps on Google’s Android operating system alone this year, and forecasts that nearly all enterprises will experience significant mobile device security incidents by 2015. As a result, some three-quarters of respondents surveyed said they have purchased or are considering the purchase of a cloud-based or hybrid cloud/client-based mobile security solution.
Mobility brings with it additional risks to enterprises, with fast-growing volumes of information scattered across networks, devices and platforms rather than stored centrally. Information, identity, and device and service availability are all under threat. But adopting a structured approach to security will help enterprises to address potential threats and take advantage of the considerable benefits that mobile strategies can offer.
A comprehensive mobile security architecture should take you through a coherent design, implementation and management lifecycle. This will need to cover many elements such as detailing business requirements; evaluating physical platforms, products and technologies; testing of platforms and apps; and adopting ongoing best-practice management and ensuring that implementations are continually improved.
The key to securing mobile devices is understanding the risks posed to the enterprise by their use. Good mobile security is also constantly evolving to take into account the changing behaviors of mobile users, as well as new technologies and new threats. In summary, if enterprises adopt a considered and thorough approach to technologies, policies and governance they can deliver a secure mobile environment that yields considerable business and working benefits.
To find out more about mobile security threats and how to adopt robust mobile security architectures and practices I suggest you read Taking Mobile Security to the Next Level.