Security ConcernsBy Nick Wreden | Posted 2011-12-06 Email Print
You can’t stem the tide of worker-owned devices, so learn how to deal with it.
Security Is Primary Concern
While mobile users roam the campus at Marquette, the 170 employees at Q2ebanking roam the offices in Austin, Texas—and the country—selling and supporting electronic banking solutions. Because the company faces scrutiny from federal regulators, mobile management security is a primary concern.
Another issue is the ability to manage devices that range from iPads and iPhones to Palm and Windows devices, while ensuring VPN integration. A third issue concerns authentication: Q2ebanking wanted a system based on soft tokens, since hard tokens create user resistance and greater support costs.
VeriSign (acquired by Symantec) Identify Protection met these security criteria—including the ability to bind credentials and access rights. Q2ebanking was so pleased that it incorporated the system into its own offerings to the financial industry.
“Provisioning takes only five minutes, administration is minimal and users find it unobtrusive,” says Ward Howell, director of security solutions consulting. The biggest issues were integration with Microsoft’s Active Directory, as well as ensuring firewall and other security involving mobile access, both of which were successfully handled.
But it’s not just about companies finding solutions; the industry must also play a role, according to Merit’s Cannon. “The biggest issue [we faced] was integrating Active Directory with cloud security systems,” he says. “The industry has to create a better hybrid cloud solution, so applications and data can be placed on the best platform, and then enable access and processes to be spanned between them.”
Forrester’s Kane points out that solutions and best practices are still evolving, and he anticipates that future generations of MDM will incorporate “corporate app stores,” similar to the stores offered by major consumer vendors. Vendors could ensure that users get the latest iteration, taking the burden off
IT. Another step could include advanced tracking of employee usage, which could lead to more efficient license management.
It’s a classic story in a new, increasingly mobile world: Users want freedom and choice; corporations demand security and standards. Mobile device management meets the demands of both, while providing an emerging platform to handle both threats and the yet-to-be-explored opportunities of the cloud.