Mobility Cover Story July 2012
3
MOBILITY July 2012 | 15 www.mobilityindia.com Cover Story Securing Mobility Space Security is Taking Center- stage when it comes to enabling convergence and bringing in the much needed mobility element within an enterprise I ncreasingly powerful feature sets and rich functionality are driving the wide- spread use of mobile devices by banks, security and law enforcement agencies, government authorities and other security conscious organizations. Mobile workforces are taking advantage of mobile devices to remotely access confidential emails, spreadsheets, databases, customer data, order information, credit card data, medical history and patient information among other sensitive corporate data. Mobile devices are now the most vulnerable entry points for malware and other threats to the corporate network to which they are connected. Additionally, mobile devices are increasingly more dispersed geographically and at the forefront of operations in the field. So is sensitive corporate data safe in the mobile world? The potential security loopholes are increasing – as are the associated costs and liability! Will the next leak of sensitive information in your organization result from a stolen SD card? Or data transferred out of the device through USB or Bluetooth? Can you ensure that corporate email is being accessed only on authorized mobile devices protected by security policies and not just any device the end user can buy? Today’s CIOs are always asking questions like how to protect the end to end data. Protecting corporate data in transit over public Wi-Fi and cellular networks Encrypting data stored on device, making it available only to authenticated users on your domain Disabling device communication modules and hardware features (e.g. camera, Bluetooth) Authenticating device users using Active Directory (Domain Security) credentials Authenticating mobile device hardware using certificates Enabling malware protection and intrusion detection Limiting end user’s access, preventing harmful Internet downloads and unauthorized software installation Proactively mitigating risk of data loss with efficient strategies for dealing with lost and stolen devices. According to the mobile market review for the first quarter of 2012 conducted by Cyber Media Research the shipment of smart-phones rose by 17.4% as compared to last year. With mobile security being a
-
Upload
mobility-india -
Category
Documents
-
view
221 -
download
4
description
july 2012
Transcript of Mobility Cover Story July 2012
MOBILITYwww.mobilityindia.com MOBILITY July 2012 | 15 www.mobilityindia.com
Cover Story
Securing Mobility Space
Security is Taking Center-stage when it comes to enabling convergence and bringing in the much needed mobility element within an enterprise
Increasingly powerful feature sets and rich functionality are driving the wide-spread use of mobile devices by banks,
security and law enforcement agencies, government authorities and other security conscious organizations.
Mobile workforces are taking advantage of mobile devices to remotely access confidential emails, spreadsheets, databases, customer data, order information, credit card data, medical history and patient information among other sensitive corporate data.
Mobile devices are now the most vulnerable entry points for malware and other threats to the corporate network to which they are connected. Additionally, mobile devices are increasingly more dispersed geographically and at the
forefront of operations in the field. So is sensitive corporate data safe in
the mobile world? The potential security loopholes are increasing – as are theassociated costs and liability! Will the next leak of sensitive information in your organization result from a stolen SD card? Or data transferred out of the device through USB or Bluetooth? Can you ensure that corporate email is being accessed only on authorized mobile devices protected by security policies and not just any device the end user can buy?
Today’s CIOs are always asking questions like how to protect the end to end data. Protecting corporate data in transit over public Wi-Fi and cellularnetworks Encrypting data stored on device, making it available only to
authenticated users on your domain Disabling device communication modules and hardware features (e.g. camera, Bluetooth) Authenticating device users using Active Directory (Domain Security) credentials Authenticating mobile device hardware using certificates Enabling malware protection and intrusion detection Limiting end user’s access, preventing harmful Internet downloads and unauthorized software installation Proactively mitigating risk of data loss with efficient strategies for dealing with lost and stolen devices.
According to the mobile market review for the first quarter of 2012 conducted by Cyber Media Research the shipment of smart-phones rose by 17.4% as compared to last year. With mobile security being a
Q) What is the present focus of Tata Docomo in the Karnataka circle?
At Tata DOCOMO, we have been keeping up with our brand promise of being simple and offer relevant services to our customers. We will continue to offer value for money products to our customers. We would offer tariffs that are easy to understand.
Since we operate on dual technology platform, this gives us great opportunity to get the best of both technologies in both the Voice and Data segments. We have several revolutionary products in our portfolio which cater to all the segments. Our recently launched data product-TATAPHOTONMAX is theFirstHigh Speed internet device launched on CDMA platform that offers speeds upto 6.2 Mbps Speed!!! Another revolutionary anduniqueproduct is the3GWi-Fihubdevice which was introduced last year. The device is unique as it works on both the 3G and CDMA platforms.
We will continue to bring up more innovative products for 3G as well. To increase the adoption of 3G we have been educating the customers on the benefits of this technology, setting up Solution Desks and providing Live demonstrations of 3G & Data services, Handset Display Counters and experience zones at our branded retail stores to enable the customer to experience the products before they buy.We will continue to work towards our brand promise of being refreshingly different, surprisingly accessible. Through these initiatives we will work aggressively to emerge as one of the top telecom operators in Karnataka.
Q) What are some of the biggest challenges that your organization is facing today? How are you planning to overcome these challenges?
Today telecom space is cluttered and the consumer is confused as to which operator he/sheshouldoptfor.Ourprimaryconcernis to break this clutter and therefore, we at Tata DOCOMO keep assessing their needs and address them individually. Our main objective is to offer our customers simple and transparent products.
The biggest challenge is to continue to be relevant and simple when dealing with our customers. Mobile number portability has empowered the consumers to make a choice and change their operator whenever they find the services dissatisfactory. So we are working on areas like customer satisfaction to ensure that a consumer faces no problems with DOCOMO services. We expect consumers to shift to our network. But this won’t happen in a few days. This transition will be an ongoing process.
Q) Today a lot of operators are busy strengthening their network in order to deliver better services for the end user. How does Tata Docomo feel about strengthening its backhaul capabilities?
Tata DOCOMO has been constantly working towards strengthening its network capabilities to deliver the best and un-interrupted services to its customers. Tata DOCOMO has extended its network strength and reach by many folds across Karnataka to ensure that customers continue to enjoy services on its seamless network. Tata DOCOMO’s superior services are now available in
more than 11000 towns and villages in Karnataka and will continue to expand in the coming days. Q) What kind of investments do you plan to do in the network expansion area within Karnataka circle?
We have planned significant investment modules for our network expansion across Karnataka, keeping in mind the untapped potential within the state and the kind of customer responses that we have received. To provide hassle free services to our customers we will continue improving our network strength and invest in better and advanced technologies. Q) How important is the Karnataka circle for Tata Docomo? How much does this region contribute to the national kitty?
Tata DOCOMO Karnataka Circle is very critical in terms of both Revenue and Customer Market share. Karnataka circle has been a significant contributor towards the national growth and business right from the day it has been operational. It is a very mature market and there is a lot more scope to experiment and bring out more and more innovative products for our customers. Moreover, Tata DOCOMO has got an overwhelming response and has been accepted very well by the customers in Karnataka.
We are quite satisfied with the strong brand presence that we have registered in Karnataka region. Many innovative products have been launched in Karnataka in the last quarter which has actually gained popularity with the customers. To name a few we have unmatched services inVAS-FacebookonMobile,GrabASong;3G Smart Life Plans as one stop shop for both voice and data benefits; Postpay -Unlimited Plan@Rs899, Pure Rent FreePlan; Prepay- Truly Unlimited CDMAPlans, 200% Talk time clubbed with full TalktimeonFirstRecharge@Rs47;Newlylaunched Photon Max in Bangalore and various exciting Data plans for Rest of Karnataka market. We will continue to give the best of services to our customers and design simple, innovative and value for money products
“We will continue to give best of services to our customers”
Mobility july2012.indd 15 7/29/2012 2:14:35 PM
MOBILITY16 | July 2012 www.mobilityindia.com MOBILITY www.mobilityindia.com
Cover Story
new concept, hackers today leverage this to plan and launch intricate and complex attacks for financial gain.
Commenting on the mobile security arena within the country, Ambarish Deshpande - Blue Coat, Managing Director - India Sales, says that, ‘With the growth of Bring Your Own Devices (BYOD), we see a move toward integration of corporate as well as personal information on a single device. This has important implications for organisations, as it increases their risk exposure for security, but also for data leakage of corporate information. Mobile Commerce is also seeing a steady rise due to increased smart-phone adoption making it a lucrative arena for hackers to siphon off money. Mobile phone and application technology is way ahead of the security adoption that is required to protect user data and block access to dynamic web threats that are increasingly mobile. Traditional defences like anti-virus and anti-spam endpoint solutions are not enough for mobile devices since these devices lack the processing power to support traditional anti-virus. Organisations need to extend their control beyond the corporate infrastructure to include mobility, but the question is how to do this cost-effectively
and efficiently? The answer is in the Cloud,’ he explains.
Expressing his opinion on mobile related security, Jagannath Patnaik, Director - Channel Sales, Kaspersky Lab - South Asia said that in today’s world of BYOD ( Bring your own device) for work as well as personal use we are living in highly mobile era.
‘Mobile devices like smartphones and tablets are on the rise, and they are used heavily for all types of activities. At the same time the level of protection on smartphones and tablets is noticeably poor.
This is an alarming fact, because such devices sometimes store highly sensitive data like personal and work documents and e-mails, personal photos and even banking credentials are frequently stored on devices. With the increasing variety and number of malware threats that are targeting smartphones, it’s essential to have first line of defence
i.e. Mobile security solution to protect your phone and the personal data you store on it. Mobile Security Solution should be easy to use and offer maximum protection against
Internet threats and malwares. It should also offer protection in case of mobile.” He explained.
With mobile users on the go, it is necessary to remotely manage mobile devices as they connect to various public networks (Wi-Fi ‘hot-spots’, cellularnetworks like GPRS, IDEN, EVDO, etc.) to access email, business information and data. Legacy solutions, designed for managing devices within the four walls, are not equipped to manage these remote devices while protecting the corporate network in an efficient, cost-effective and secure way.
Deshpande from Blue Coat says that mobile security if explained generally would be everything from remote lock and wipe to threat protection for mobile devices. “According to Nemertes Research, the top mobile security measures deployed by companies are wipe and lock functionality (77.4%) and encryption (63%). These features include only device and data loss solutions. The whole aspect of securing web enabled applications and mass market malware has taken a back seat. With employees using personal devices at the workplace organizations need to step up their mobile security infrastructure by adding dynamic web security functionality, so that their mission critical data is safe and secure. A move towards more powerful, IP-based network infrastructure is leading to increased use of data-heavy mobile services, which need more sophisticated management. IT organizations need to find a middle ground, leveraging some oftheR&DdoneinthePC/laptoparenawhile keeping the unique needs of the mobile device in mind to ensure that the mobile experience is not negatively affected in any way,’ he adds on.
More and more sophisticated security threats are appearing as new devices provide richer targets. New threats to mobile devices, including malicious programs (viruses, worms and Trojan horses) continue to appear. Despite the fact that the current threat is not particularly high, we predict that the iPhone, Android, and mobile devices with WiFiandotherbroadbandcapabilitieswillundoubtedly be rich targets for malware and viruses in the coming years.
Current mobile devices are built on the different operating system which
has created an avenue for the hackers to target different platform. The new mobile devices which are in vogue have a huge rangeoffunctionality;theyareinevitablyexposed to a larger set of risks.
Commenting on the mobile security trends in the country, Patnaik from Kaspersky says that, ‘It is becoming a trend that the employees use personal phone for corporate purpose which makes it further more difficult to enforce security policies and ensure data privacy and security. Infection on the smartphones are mostly “trojanized” apps that steal information about the phone or send SMS messages, also includes a banking Trojan that intercepts access tokens for banking web sites & spyware applications that are used to spy on family members or associates,’ he adds on.Customer perspective: Modern
consumers live a full-scale digital life. Their virtual assets like personal photos and videos, work documents, passwords to access social networking and online banking credentials are of the utmost importance and users are very concerned about safety of such data. Social networking is the second most popular online activity after e-mail exchange and most popular devices used for accessing social networking sites are tablets or Mobile devices. Most of the smart phone users are aware about the threats related to social networks, online banking transactions yet the level of security on the mobile devices is very low and significant share of smartphone users are reckless in terms of security.
“But this trend is slowly changing and most of the smartphone users are looking for the complete security solution with enhanced capabilities like anti-theft protection like protection against malwares (antivirus), Anti-theft features like - remote data wipe, device lock, GPS localisation, privacy protection which helps them in protecting their private data,” Patnaik is quick to add on.
It is interesting to note that in today’s scenario, the security goals are:Minimizing modification of corporate firewall configuration and integrating with existing security technologies. Preventing devices from having unlimited access to the corporate network. Ensuring secure, encrypted communication without incurring the overhead of resource-intensive VPN clients.Gartner–anadvisoryfirm–hasstated
recently that mobile payment transactions will surpass USD171.5 billion in 2012. This
would represent a 61.9 percent increase from 2011, which was USD105.9 billion. Mobile commerce is also taking off in India due to the proliferation of smart phones among young people here. Recently, eBay revealed that among 4,500 users that it surveyed here, 68% of those stated that made online purchases using smart phones.
This is a reflection that mobile commerce is on an upward swing in India. Some of the security features that one can consider before participating in mobile commerce is securing the web browser by an inactivity lock out. This technology logs out the user automatically when an internet connection over a mobile device is lost.
Security Offering from IndustryBlue Coat offers Cloud Service which
is the most appropriate solution for the BYOD era. Blue Coat’s Cloud Service uniquely integrates with our appliance –ProxySG to create a seamless, Unified Web Security defence for enterprises.
‘Proxy SG is our flagship security product. It is a web gateway appliance that provides full visibility, control and security of employee internet activity with a rich feature set. Blue Coat’s Next Generation Web Filtering identifies and orp-activelyblocks malware, spyware, and phishing attacks, regardless of the type or content, while delivering fast and accurate granular URL filtering. The main aspect of Blue Coat’s Security that sets apart from the competition is the proactive Negative Day Defence which is capable of securing users against attacks before they occur. This Negative Day Defence blocks the source
location of the malware so that users are protected before attacks attempt to infect their device,’ Deshpande from Blue Coat explains.
Talking about Kasperky offering on mobile security, Patnaik says that, ‘Today the industry is looking for complete mobile security solution with enhanced capabilities like anti-theft protection like protection against malwares (antivirus), Anti-theft features like - remote data wipe, device lock, GPS localisation, privacy protection which help in protecting business critical information and private data. The data transfer and operation must have at least 256 bit encryption. There must always be OTP instead of regular password. We have Kaspersky Mobile Security solution that provides world-class protection. Kaspersky Mobile Security employs traditional methods of anti-malware protection, combined with heuristics and cloud technologies,’ he adds on.
It is true that today’s fast emerging mobile devices without malware safeguards are a vulnerable entry point into the corporate network for viruses and malicious applications. And conventional anti-virus solutions designed for PCs are not suited for mobile devices due to the reliance on a sizable database of virus definitions stored on the device that needs to be constantly updated, causing excessive network traffic. On top if all this, the frequent scanning of memory, necessary to detect viruses, adversely affects the performance of the device’s low power processor and battery life. In such scenario, getting proper security help from vendors such as Kaspersky or Bluecoat is highly recommended.
"Mobile devices like smartphones and tablets are on the rise, and they are used heavily for all types of activities. At the same time the level of protection on smartphones and tablets is noticeably poor. This is an alarming fact, because such devices sometimes store highly sensitive data like personal and work documents and e-mails, personal photos and even banking credentials are frequently stored on devices."Jagannath Patnaik, Director - Channel Sales, Kaspersky Lab - South Asia
Mobility july2012.indd 16 7/29/2012 2:14:42 PM
MOBILITYwww.mobilityindia.com MOBILITY July 2012 | 17 www.mobilityindia.com
Cover Story
new concept, hackers today leverage this to plan and launch intricate and complex attacks for financial gain.
Commenting on the mobile security arena within the country, Ambarish Deshpande - Blue Coat, Managing Director - India Sales, says that, ‘With the growth of Bring Your Own Devices (BYOD), we see a move toward integration of corporate as well as personal information on a single device. This has important implications for organisations, as it increases their risk exposure for security, but also for data leakage of corporate information. Mobile Commerce is also seeing a steady rise due to increased smart-phone adoption making it a lucrative arena for hackers to siphon off money. Mobile phone and application technology is way ahead of the security adoption that is required to protect user data and block access to dynamic web threats that are increasingly mobile. Traditional defences like anti-virus and anti-spam endpoint solutions are not enough for mobile devices since these devices lack the processing power to support traditional anti-virus. Organisations need to extend their control beyond the corporate infrastructure to include mobility, but the question is how to do this cost-effectively
and efficiently? The answer is in the Cloud,’ he explains.
Expressing his opinion on mobile related security, Jagannath Patnaik, Director - Channel Sales, Kaspersky Lab - South Asia said that in today’s world of BYOD ( Bring your own device) for work as well as personal use we are living in highly mobile era.
‘Mobile devices like smartphones and tablets are on the rise, and they are used heavily for all types of activities. At the same time the level of protection on smartphones and tablets is noticeably poor.
This is an alarming fact, because such devices sometimes store highly sensitive data like personal and work documents and e-mails, personal photos and even banking credentials are frequently stored on devices. With the increasing variety and number of malware threats that are targeting smartphones, it’s essential to have first line of defence
i.e. Mobile security solution to protect your phone and the personal data you store on it. Mobile Security Solution should be easy to use and offer maximum protection against
Internet threats and malwares. It should also offer protection in case of mobile.” He explained.
With mobile users on the go, it is necessary to remotely manage mobile devices as they connect to various public networks (Wi-Fi ‘hot-spots’, cellularnetworks like GPRS, IDEN, EVDO, etc.) to access email, business information and data. Legacy solutions, designed for managing devices within the four walls, are not equipped to manage these remote devices while protecting the corporate network in an efficient, cost-effective and secure way.
Deshpande from Blue Coat says that mobile security if explained generally would be everything from remote lock and wipe to threat protection for mobile devices. “According to Nemertes Research, the top mobile security measures deployed by companies are wipe and lock functionality (77.4%) and encryption (63%). These features include only device and data loss solutions. The whole aspect of securing web enabled applications and mass market malware has taken a back seat. With employees using personal devices at the workplace organizations need to step up their mobile security infrastructure by adding dynamic web security functionality, so that their mission critical data is safe and secure. A move towards more powerful, IP-based network infrastructure is leading to increased use of data-heavy mobile services, which need more sophisticated management. IT organizations need to find a middle ground, leveraging some oftheR&DdoneinthePC/laptoparenawhile keeping the unique needs of the mobile device in mind to ensure that the mobile experience is not negatively affected in any way,’ he adds on.
More and more sophisticated security threats are appearing as new devices provide richer targets. New threats to mobile devices, including malicious programs (viruses, worms and Trojan horses) continue to appear. Despite the fact that the current threat is not particularly high, we predict that the iPhone, Android, and mobile devices with WiFiandotherbroadbandcapabilitieswillundoubtedly be rich targets for malware and viruses in the coming years.
Current mobile devices are built on the different operating system which
has created an avenue for the hackers to target different platform. The new mobile devices which are in vogue have a huge rangeoffunctionality;theyareinevitablyexposed to a larger set of risks.
Commenting on the mobile security trends in the country, Patnaik from Kaspersky says that, ‘It is becoming a trend that the employees use personal phone for corporate purpose which makes it further more difficult to enforce security policies and ensure data privacy and security. Infection on the smartphones are mostly “trojanized” apps that steal information about the phone or send SMS messages, also includes a banking Trojan that intercepts access tokens for banking web sites & spyware applications that are used to spy on family members or associates,’ he adds on.Customer perspective: Modern
consumers live a full-scale digital life. Their virtual assets like personal photos and videos, work documents, passwords to access social networking and online banking credentials are of the utmost importance and users are very concerned about safety of such data. Social networking is the second most popular online activity after e-mail exchange and most popular devices used for accessing social networking sites are tablets or Mobile devices. Most of the smart phone users are aware about the threats related to social networks, online banking transactions yet the level of security on the mobile devices is very low and significant share of smartphone users are reckless in terms of security.
“But this trend is slowly changing and most of the smartphone users are looking for the complete security solution with enhanced capabilities like anti-theft protection like protection against malwares (antivirus), Anti-theft features like - remote data wipe, device lock, GPS localisation, privacy protection which helps them in protecting their private data,” Patnaik is quick to add on.
It is interesting to note that in today’s scenario, the security goals are:Minimizing modification of corporate firewall configuration and integrating with existing security technologies. Preventing devices from having unlimited access to the corporate network. Ensuring secure, encrypted communication without incurring the overhead of resource-intensive VPN clients.Gartner–anadvisoryfirm–hasstated
recently that mobile payment transactions will surpass USD171.5 billion in 2012. This
would represent a 61.9 percent increase from 2011, which was USD105.9 billion. Mobile commerce is also taking off in India due to the proliferation of smart phones among young people here. Recently, eBay revealed that among 4,500 users that it surveyed here, 68% of those stated that made online purchases using smart phones.
This is a reflection that mobile commerce is on an upward swing in India. Some of the security features that one can consider before participating in mobile commerce is securing the web browser by an inactivity lock out. This technology logs out the user automatically when an internet connection over a mobile device is lost.
Security Offering from IndustryBlue Coat offers Cloud Service which
is the most appropriate solution for the BYOD era. Blue Coat’s Cloud Service uniquely integrates with our appliance –ProxySG to create a seamless, Unified Web Security defence for enterprises.
‘Proxy SG is our flagship security product. It is a web gateway appliance that provides full visibility, control and security of employee internet activity with a rich feature set. Blue Coat’s Next Generation Web Filtering identifies and orp-activelyblocks malware, spyware, and phishing attacks, regardless of the type or content, while delivering fast and accurate granular URL filtering. The main aspect of Blue Coat’s Security that sets apart from the competition is the proactive Negative Day Defence which is capable of securing users against attacks before they occur. This Negative Day Defence blocks the source
location of the malware so that users are protected before attacks attempt to infect their device,’ Deshpande from Blue Coat explains.
Talking about Kasperky offering on mobile security, Patnaik says that, ‘Today the industry is looking for complete mobile security solution with enhanced capabilities like anti-theft protection like protection against malwares (antivirus), Anti-theft features like - remote data wipe, device lock, GPS localisation, privacy protection which help in protecting business critical information and private data. The data transfer and operation must have at least 256 bit encryption. There must always be OTP instead of regular password. We have Kaspersky Mobile Security solution that provides world-class protection. Kaspersky Mobile Security employs traditional methods of anti-malware protection, combined with heuristics and cloud technologies,’ he adds on.
It is true that today’s fast emerging mobile devices without malware safeguards are a vulnerable entry point into the corporate network for viruses and malicious applications. And conventional anti-virus solutions designed for PCs are not suited for mobile devices due to the reliance on a sizable database of virus definitions stored on the device that needs to be constantly updated, causing excessive network traffic. On top if all this, the frequent scanning of memory, necessary to detect viruses, adversely affects the performance of the device’s low power processor and battery life. In such scenario, getting proper security help from vendors such as Kaspersky or Bluecoat is highly recommended.
Some of the challenges in a mobility driven security world
• Protectingthecorporatenetworkandfirewall• ManagingandLimitingaccesstosensitivecorporatedata• UserAuthentication• Securingstoreddataondeviceandstoragemedia• Securingover-the-aircommunicationtoprotectdataintransit• SecureandEncryptedFileTransfers• Virusandmalwareprotection• IntrusionDetection• DisablingCommunicationModulesandHardwareFeatures• DeviceLockdownandControlledWebBrowsing• Securinglostorstolendevices• RemoteControlfunctionalityforInstantDeviceTake-over• ManagingSecurityforRemoteOut-of-Contactdevices
Mobility july2012.indd 17 7/29/2012 2:14:42 PM
