- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
How Do You Support Splinternet Security On Mobile Devices?
Mobile authentication is nothing new. SiteMinder, a prominent web access management tool has been able to handle mobile browsers and sessions for at least 7-8 years. Some users complained of WAP and its limitations, but most could access information and log in to web sites with minimal issues.
WAP is gone and it is now replaced by a multitude of devices: tablets, PDAs, smartphones, etc. With the proliferation of Splinternet, we are witnessing not only a boom of content, but also the need to limit access to sensitive applications and data not only from the device but also on the device. Authentication, authorization, and data protection challenges multiply as companies embrace the PostPC tablets, etc.
What do we see people asking about? From the enterprise security perspective, the biggest challenge seems to be protecting the data on the device, performing a remote wipe on a lost or stolen piece of equipment, and making sure corporate information is separated clearly from any private data. Writing mobile applications or designing mobile-capable and still rich, interactive web pages is no easy task either. Companies also wonder about how to deliver and (de)provision applications quickly and securely.
What do we see companies do? Sandboxing corporate data and mandating the use of remotely wipeable devices is the first step. Storing certificates and using transaction signature mobile authenticators to defend against stolen or compromised text messages with one time passwords is a logical follow-on.
We expect Splinternet to embrace mobile virtualization. Running VMWare with multiple guest operation systems will be a good candidate for solving this. We are trying to lead the way at Forrester and help companies with data protection and Splinternet access from these devices.
Let us know about your thoughts, trials, and tribulations in this area.
Andras Cser is a Principal Analyst at Forrester Research, serving Security & Risk professionals.
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
- Redefine Business Portability
- Prevent Mobile Devices from Loading Dangerous Code
- Expanding Your Security Perimeter: Common Sense for Navigating Today's Threat Landscape
- Fighting Fraud Videos: IBM Intelligent Investigation Manager
- IBM Intelligent Investigation Manager: Online Product Demo
- Webinar: IBM IIM for Fraud, Abuse and Waste in Government
- Thwarting DDoS Attacks with Cloud Defenses
- Data Center Insight: 6 ways to Prevent Mistakes that Have Cost others Millions
- HP & CIO: Making virtualization strategic
- Bridging the IT Gap: A Fresh Approach to Infrastructure Management
- IBM PureFlex and Flex System: Infrastructure for IT Efficiency
- Accelerating Solution Deployment with IBM PureFlex and Flex System