Digital Edition

SYS-CON.TV
Understanding the Risks and Value of Mobility to Your Stakeholders
It’s important to understand what your stakeholders are looking for out of mobility

The key to securing your mobility is to understand how it is being used in your environment and what is potentially at risk. Taking stock of the mobile devices, applications and traffic in your network is critical to identifying how your data and resources are potentially vulnerable.

Since mobile devices are being used to do more and more -the devices being carried around today are 3000 times more powerful than the compute power on the original space shuttle6 - the potential risks continue to increase. Once an attacker is "in" - tricking a user into downloading malware or a malicious app, infecting a Wi-Fi hot spot, exploiting a device vulnerability, in the operating system, hardware, configurations, etc. - they can do almost anything on the device and apps, including:

  • Intercept emails and text messages
  • Steal application data, including content within secure containers and wrappers
  • Capture browsing activity, including any usernames and passwords entered into sites
  • Extract contact lists, call and text logs
  • Activate the microphone (to listen in on private conversations and meetings)
  • Use the camera to take pictures or videos (white boards, manufacturing plant layouts, etc.)
  • Track location (where an executive is going could provide insights into potential customer deals or merger/acquisition plans, etc.) Stakeholders across your organization will likely view these risks differently and have different expectations around what is needed to effectively secure your data and resources. Since security is always a balancing act, requiring decisions on when and how to allow or shut down access, it's important to understand what your stakeholders are looking for out of mobility and what they are willing to accept in terms of security.

Stakeholders across your organization will likely view these risks differently and have different expectations around what is needed to effectively secure your data and resources. Since security is always a balancing act, requiring decisions on when and how to allow or shut down access, it's important to understand what your stakeholders are looking for out of mobility and what they are willing to accept in terms of security.

Role

What Mobility Represents to Them

Their Mobile Security Priorities

CISO

Business-level objective to improve agility and overall productivity.

Getting ahead of the evolving mobile threat landscape to prevent intellectual property loss, tough board-level discussions and lawsuits that:

  • Erode customer confidence
  • Tarnish brand reputation
  • Reduce competitive advantage

Audit & Risk Managers

An initiative that introduces risks that need to be quantified and managed.

Meeting compliance goals by adhering to security best practices and putting measures in place that reduce the attack surface.

Audit & Risk Managers

An initiative with a lot of moving parts out of their control. Need to support:

  • BYOD
  • New mobile application roll outs
  • Ongoing management and maintenance of mobile policies

Improving visibility to better manage mobile devices and applications and reduce risks to ensure alignment with overall security policies and practices.

Security Team

An initiative that opens up a lot of new threat vectors that need to be managed and mitigated to keep resources safe and prevent data leakage.

Effectively assessing mobile risks, integrating mobile intelligence into security information and event management (SIEM) and network access control (NAC) systems, and consistently applying policies, regardless of how or where a user accesses resources.

Employees

The convenience of being able to work whenever and wherever they are located.

Protecting their privacy and preserving a simple, good user experience.

About Michael Shaulov
Michael Shaulov is CEO and co-founder of Lacoon Mobile Security. He’s responsible for the direction of the company, with a maniacal focus on adding the security organizations need to effectively leverage mobility. He is a recognized industry speaker, delivering talks at BlackHat EU, BlackHat USA and Infosec.

Prior to founding Lacoon, Michael co-founded BlueRidge Storage Systems and founded and led the Mobile Intrusive Interception team for the security division of NICE Systems LTD. Before his commercial endeavors, he pioneered the mobile security field in an elite military technological unit, where he received the Israeli Presidential Excellency Honor for his contributions. He holds a BSc in Computer Sciences and Physics from Ben-Gurion University, Israel.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

With the rise of Docker, Kubernetes, and other container technologies, the growth of microservices h...
Isomorphic Software is the global leader in high-end, web-based business applications. We develop, m...
As you know, enterprise IT conversation over the past year have often centered upon the open-source ...
Kubernetes is a new and revolutionary open-sourced system for managing containers across multiple ho...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily ...
Technology has changed tremendously in the last 20 years. From onion architectures to APIs to micros...
Kubernetes is an open source system for automating deployment, scaling, and management of containeri...
IT professionals are also embracing the reality of Serverless architectures, which are critical to d...
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, will ...
"There is a huge interest in Kubernetes. People are now starting to use Kubernetes and implement it,...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every ...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with exp...
Today most companies are adopting or evaluating container technology - Docker in particular - to spe...
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually ne...
Using serverless computing has a number of obvious benefits over traditional application infrastruct...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with exp...
When a company wants to develop an application, it must worry about many aspects: selecting the infr...
At its core DevOps is all about collaboration. The lines of communication must be opened and it take...
Modern software design has fundamentally changed how we manage applications, causing many to turn to...
In an age of borderless networks, security for the cloud and security for the corporate network can ...