Mobile Security – A Very Scary World
Last month, AOTMP’s Telecom Management Industry Update started exploring mobile security and enterprises’ ten-dency to react to intrusions and problems, rather than employ proactive strategies. One area that stood out was the question of how the cloud impacts mobile security. Turns out, there’s a bit to consider. For one thing, using the same approaches for cloud as for traditional IT security will not suffice. Here, experts explain.
“The perimeter is dead,” said Santosh Krishnan, chief product officer for Lookout. “Devices were in the wall and so were the assets.” Not so anymore. “Now devices are leaving and assets are in the cloud,” he said. “And that’s a very scary world.” Thus, any mobile security strategy must take the cloud into account; it cannot restrict itself to the building or campus.
There may be some complications to overcome but employing mobile security within the cloud contains at least one big benefit: The cloud aggregates usage intelligence and threat analytics, said Michael Covington, vice president of product at Wandera. “The cloud is an essential component in developing those technologies and making them available globally,” he said. All of this, of course, invites its own set of challenges. For one, enterprises must rethink infrastructure security. “Ten years ago I would buy a firewall and put it at the edge of the organization,” Krishnan said.
Trying to do the same now will cause problems. Namely, IT won’t be able to see mobile traffic because the devices and assets live outside of the bounds. “You must have a cloud- and endpoint-based solution now,” Krishnan said.
Given the amount of data in question, and the complications of securing mobility from the outside in, the ideal approach will use a vetted, knowledgeable, respected vendor.