Smart Enterprise Magazine

Volume 7, Number 2, 2013

Issue link:

Contents of this Issue


Page 23 of 43

Mobile Security Engage and Protect Connecting with mobile customers while safeguarding sensitive data has traditionally been hard. New approaches make it nearly easy. | By Tyson Whitten A s consumers across the globe adopt mobile devices, high-speed access and innovative mobile applications, new business opportunities are taking shape. But the innovation rate of mobile devices is accelerating faster than the enterprise's ability to adapt. Existing Web applications don't support new mobile models, preventing access to significant market opportunities. And security solutions tend to be fragmented; either security management of Web applications is separate from mobile applications, or data security focuses only on the mobile device, instead of the data. What's more, both usability and privacy tend to suffer, given security's traditional approach to secure the device versus the data. What's the end result? Reduced competitiveness, missed revenue opportunities and increased risk. A pragmatic approach should be taken to solving these challenges by simplifying the decision-making process and aligning with two main decision criteria: customer engagement and datacentric security. Customer engagement is defined by capabilities that enable mobile customers to better engage the business. These include authentication, authorization, single sign-on, session management, protocol translation and secure API management. Data-protection solutions are included as well, since they also remove data-security inhibitors to enabling customer engagement. All capabilities span technologies and should be selected based on specific project criteria. Data-centric security covers mobility solutions, starting with security solutions that indirectly protect data through various means. There is a transition to solutions that become more focused on protecting the data itself. So where should you start? Some common approaches can be taken to achieve enterprise mobility goals. Organizations attempting to extend current business and enterprise application access to mobile device users can get off the ground through existing access management investments. Identity and access management (IAM) technologies can quickly provide the ability to incorporate new mobile users into existing application access-management solutions, delivering a convenient user experience and centralized application management. Adaptive authentication can be applied, too, helping ensure that the right user is accessing mobile resources, based on location and other contextual attributes from the mobile device. Selecting a unified solution that meets the organization's application and data requirements will enable CIOs to capitalize on new mobile market opportunities, reduce the risk of data compromise and noncompliance, and lower the overall cost of ownership. n Tyson Whitten has responsibility for mobility and data protection solutions in the security unit at CA Technologies. Note: The complete version of this article was previously published online. Read the full version: (registration required). 24 photograph: jonathan Kitchen/getty; BAckground: Minerva Studio/Shutterstock Smart Resources

Articles in this issue

Links on this page

Archives of this issue

view archives of Smart Enterprise Magazine - Volume 7, Number 2, 2013