| By Michael Shaulov | Article Rating: |
|
| September 10, 2014 09:45 AM EDT | Reads: |
649 |
The key to securing your mobility is to understand how it is being used in your environment and what is potentially at risk. Taking stock of the mobile devices, applications and traffic in your network is critical to identifying how your data and resources are potentially vulnerable.
Since mobile devices are being used to do more and more -the devices being carried around today are 3000 times more powerful than the compute power on the original space shuttle6 - the potential risks continue to increase. Once an attacker is "in" - tricking a user into downloading malware or a malicious app, infecting a Wi-Fi hot spot, exploiting a device vulnerability, in the operating system, hardware, configurations, etc. - they can do almost anything on the device and apps, including:

- Intercept emails and text messages
- Steal application data, including content within secure containers and wrappers
- Capture browsing activity, including any usernames and passwords entered into sites
- Extract contact lists, call and text logs
- Activate the microphone (to listen in on private conversations and meetings)
- Use the camera to take pictures or videos (white boards, manufacturing plant layouts, etc.)
- Track location (where an executive is going could provide insights into potential customer deals or merger/acquisition plans, etc.) Stakeholders across your organization will likely view these risks differently and have different expectations around what is needed to effectively secure your data and resources. Since security is always a balancing act, requiring decisions on when and how to allow or shut down access, it's important to understand what your stakeholders are looking for out of mobility and what they are willing to accept in terms of security.
Stakeholders across your organization will likely view these risks differently and have different expectations around what is needed to effectively secure your data and resources. Since security is always a balancing act, requiring decisions on when and how to allow or shut down access, it's important to understand what your stakeholders are looking for out of mobility and what they are willing to accept in terms of security.
|
Role |
What Mobility Represents to Them |
Their Mobile Security Priorities |
|
CISO |
Business-level objective to improve agility and overall productivity. |
Getting ahead of the evolving mobile threat landscape to prevent intellectual property loss, tough board-level discussions and lawsuits that:
|
|
Audit & Risk Managers |
An initiative that introduces risks that need to be quantified and managed. |
Meeting compliance goals by adhering to security best practices and putting measures in place that reduce the attack surface. |
|
Audit & Risk Managers |
An initiative with a lot of moving parts out of their control. Need to support:
|
Improving visibility to better manage mobile devices and applications and reduce risks to ensure alignment with overall security policies and practices. |
|
Security Team |
An initiative that opens up a lot of new threat vectors that need to be managed and mitigated to keep resources safe and prevent data leakage. |
Effectively assessing mobile risks, integrating mobile intelligence into security information and event management (SIEM) and network access control (NAC) systems, and consistently applying policies, regardless of how or where a user accesses resources. |
|
Employees |
The convenience of being able to work whenever and wherever they are located. |
Protecting their privacy and preserving a simple, good user experience. |
Published September 10, 2014 Reads 649
Copyright © 2014 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
More Stories By Michael Shaulov
Michael Shaulov is CEO and co-founder of Lacoon Mobile Security. He’s responsible for the direction of the company, with a maniacal focus on adding the security organizations need to effectively leverage mobility. He is a recognized industry speaker, delivering talks at BlackHat EU, BlackHat USA and Infosec.
Prior to founding Lacoon, Michael co-founded BlueRidge Storage Systems and founded and led the Mobile Intrusive Interception team for the security division of NICE Systems LTD. Before his commercial endeavors, he pioneered the mobile security field in an elite military technological unit, where he received the Israeli Presidential Excellency Honor for his contributions. He holds a BSc in Computer Sciences and Physics from Ben-Gurion University, Israel.
- ARM Server to Transform Cloud and Big Data to "Internet of Things"
- Using Docker For a Complex "Internet of Things" Application
- Eclipse Foundation Presentation at @ThingsExpo New York
- DevOps Summit Silicon Valley Call for Papers Now Open
- Docker + Stackato: The Perfect Workload Portability Solution
- WebRTC Summit Names Peter Dunkley "Summit Chair" At @ThingsExpo
- Interview: Enterprise Internet of Things with Red Hat
- CA Keynote At DevOps Summit New York
- NuoDB Named “Bronze Sponsor” of Cloud Expo Silicon Valley
- Stay Current on the Internet of Things
- @DevOpsSummit | The Operational Amplifier [#DevOps]
- @ThingsExpo | Cloud, Internet of Things (#IoT) and Big Operational Data
- ARM Server to Transform Cloud and Big Data to "Internet of Things"
- Using Docker For a Complex "Internet of Things" Application
- Eclipse Foundation Presentation at @ThingsExpo New York
- DevOps Summit Silicon Valley Call for Papers Now Open
- WebRTC Summit Silicon Valley Call for Papers Now Open
- Fanning the Flames of Agile
- Docker + Stackato: The Perfect Workload Portability Solution
- Call for Papers for Cloud Expo 2014 Silicon Valley Opens
- An API Strategy Is a Business Strategy
- SaaS Represents the Commoditization of Business Function
- WebRTC Summit Names Peter Dunkley "Summit Chair" At @ThingsExpo
- Big Data Expo 2014 Silicon Valley Call for Papers Now Open
- The i-Technology Right Stuff
- After Ubuntu, Windows Looks Increasingly Bad, Increasingly Archaic, Increasingly Unfriendly
- Linux.SYS-CON.com Exclusive: Linus Discloses *Real* Fathers of Linux
- SCO CEO Posts Open Letter to the Open Source Community
- Linus' Top Ten SCO Barbs
- A Closer Look at Damn Small Linux
- Netscape Co-Founder's 12 Reasons for Growth of Open Source
- Where Are RIA Technologies Headed in 2008?
- Linux.SYS-CON.com Exclusive: What Would UserLinux Look Like?
- *POINT - COUNTERPOINT SPECIAL* What's Wrong with the Open Source Community?
- Why Recovering a Deleted Ext3 File Is Difficult . . .
- Introducing "Cooperative Linux" - Linux for Windows, No Less
























