This month, Lopez Research held a mobile workshop at E2 Innovate where experts provided guidance on designing enterprise mobile strategies. Jack Gold from Gold & Associates spoke on “Enabling Business Through Mobile Security.” According to Gold, there are three components of security that every business should evaluate. The first, data in creation, is the process of reviewing and eliminating potential security vulnerabilities within the application design and coding. This minimizes the malware threats. In my opinion, this is the most overlooked and underrated area in creating security. The concept of a self-defending application isn’t new in the security arena but is gaining in popularity. The second area, data at rest, involves protecting data when it is on the device by using methods such as hardware encryption and authentication. The third area, data in transit, is protecting the data as it moves through the network using secure connection methods such as a VPN.
I agree with the importance of the areas listed above. Security will be present in all areas of the communications stack from the device through the application. I’d add that the market will move beyond today’s discussions of device security and application security. Mobile management and security will evolve to contextual security that is based on the user, their role, the type of content they are accessing and other contextual items such as location and time of day. Contextual security has been discussed for some time by traditional security vendors, but we see mobile adding its own dimensions around BYOD and various device operating systems.
Enterprise Mobility Management will provide some of these layers, such as device and application management. IT must select which security functions the business wants in an EMM. Some companies will opt for an EMM that spans the device through the application, while others will take a lighter approach that focuses on apps. A business must select the approach that works best for its individual risk profile.
What, if anything, would you add to this list?