Welcome!

News Feed Item

New RSA Research Tackles Mounting Risks from Mobile Devices in the Enterprise

19 Global Security Chiefs Deliver Strategic Guidance to Capture Mobile Business Opportunities in Latest Report

LONDON, Oct. 9, 2012 /PRNewswire/ -- RSA CONFERENCE EUROPE 2012 --

News Summary:

  • Security for Business Innovation Council (SBIC) report features recommendations for managing mobile devices in the enterprise from 19 global security thought leaders
  • Recommendations outline how organizations can leverage the power of mobile devices, while also managing associated risks

Full Story:

RSA, The Security Division of EMC (NYSE: EMC), released a new research report today from the Security for Business Innovation Council (SBIC) that addresses the continued surge of consumer mobile devices in the enterprise and shares security leaders' insights on how to manage the fast-changing mobility risks while maximizing business opportunities.  Mobile threats are developing quickly and technologies keep shifting creating new security holes.  As more and more consumer devices access corporate networks and store corporate data, potentially devastating consequences range from the loss or leakage of valuable intellectual property to brand damage if fraudulent access results in a high-profile security breach. The Council consensus is that the time is now for enterprises to integrate risk management into their mobile vision. The potential benefits include increased agility, improved productivity, faster sales, and reduced costs. Capitalizing on the business opportunities of mobile computing is only possible if enterprises know the risks and how to manage them. 

The Security for Business Innovation Council's latest report, titled "Realizing the Mobile Enterprise: Balancing the Risks and Rewards of Consumer Devices," is derived from the expertise and real-world experiences of 19 security leaders, who represent some of the world's most forward-thinking security organizations. 

The report identifies today's major sources of risk for the mobile enterprise and the outlook for the near future. It also answers critical questions such as:

  • What are the most important mobile policy decisions and who should make them?
  • How do you mitigate risks such as lost or stolen devices?
  • What should be included in a "Bring Your Own Device (BYOD)" agreement?
  • Why or why not use a mobile device management (MDM) solution?
  • What are the requirements for designing secure mobile apps?

In the report, the Council presents five strategies for building effective, adaptable mobile programs:

  1. Establish mobile governance – Organizations should engage cross-functional teams to set clear ground rules. Every mobile project should start by defining business goals, including expectations of cost savings or revenue generation, and by establishing the level of risk that the organization is willing to accept to achieve those goals.
  2. Create an action plan for the near-term – Mobile security technologies are fast-moving and, in many cases, too nascent to allow organizations to make long-term mobile security investments. The Council lays out several stop gap measures and key steps to take over the next 12-18 months.
  3. Build core competencies in mobile app security – Knowing how to design mobile apps in a way that protects corporate data is absolutely critical, yet many information security teams do not have the necessary level of expertise. The Council emphasizes it's not just about bolting on security, but requires a careful examination of the app's overall functionality and architecture, and they provide key design criteria.  
  4. Integrate mobility into long-term vision – Numerous trends are affecting long-term risk management planning. Organizations need to update their approach to security including risk-based, adaptive authentication; network segmentation; data-centric security controls; and cloud-based gateways.
  5. Expand mobile situational awareness – Corporate security teams should deepen and continually refresh their understanding of the mobile ecosystem.

Executive Quotes:

Art Coviello, Executive Vice President, EMC, Executive Chairman, RSA

"With the prevalence of mobile devices and applications, organizations have huge opportunities to create business value, but the accompanying risks are equally huge.  This new report from the Security for Business Innovation Council provides strategic guidance that helps organizations not only reduce their mobile liabilities but also foster mobile  programs that enable them to realize the full benefits of the mobile enterprise."

William Boni, Chief Information Security Officer, VP Enterprise Information Security, T-Mobile USA

"Similar to PCs, with mobile computing we'll see a largely consumer phenomenon evolve into a comprehensive enterprise framework which allows sufficient security over data. It has to evolve fast.  But will it be fast enough? We're in an arms race between malicious exploitation and security protection."

About the Security for Business Innovation Council

The Security for Business Innovation Council is a group of top security leaders from Global 1000 enterprises committed to advancing information security worldwide by sharing their diverse professional experiences and insights. The Council produces periodic reports exploring information security's central role in enabling business innovation.

Contributors to this report include 19 security leaders from some of the largest global enterprises:


ABN Amro 

FedEx

Northrop Grumman

ADP, Inc.

Intel

SAP AG

Airtel

HDFC Bank

TELUS

AstraZeneca

HSBC Holdings plc.

T-Mobile USA

Coca-Cola

Johnson & Johnson

Walmart

eBay

JPMorgan Chase


EMC

Nokia


Additional Resources:

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk, and compliance- management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention, and Fraud Protection with industry-leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.EMC.com/RSA.

RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other company and product names may be trademarks of their respective owners.

SOURCE EMC Corporation

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Many companies start their journey to the cloud in the DevOps environment, where software engineers want self-service access to the custom tools and frameworks they need. Machine learning technology can help IT departments keep up with these demands. In his session at 21st Cloud Expo, Ajay Gulati, Co-Founder, CTO and Board Member at ZeroStack, will discuss the use of machine learning for automating provisioning of DevOps resources, taking the burden off IT teams.
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness.
SYS-CON Events announced today that Mobile Create USA will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Mobile Create USA Inc. is an MVNO-based business model that uses portable communication devices and cellular-based infrastructure in the development, sales, operation and mobile communications systems incorporating GPS capabi...
SYS-CON Events announced today that Enroute Lab will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enroute Lab is an industrial design, research and development company of unmanned robotic vehicle system. For more information, please visit http://elab.co.jp/.
SYS-CON Events announced today that Suzuki Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Suzuki Inc. is a semiconductor-related business, including sales of consuming parts, parts repair, and maintenance for semiconductor manufacturing machines, etc. It is also a health care business providing experimental research for...
IBM helps FinTechs and financial services companies build and monetize cognitive-enabled financial services apps quickly and at scale. Hosted on IBM Bluemix, IBM’s platform builds in customer insights, regulatory compliance analytics and security to help reduce development time and testing. In his session at 21st Cloud Expo, Lennart Frantzell, a Developer Advocate with IBM, will discuss how these tools simplify the time-consuming tasks of selection, mapping and data integration, allowing devel...
Cloud-based disaster recovery is critical to any production environment and is a high priority for many enterprise organizations today. Nearly 40% of organizations have had to execute their BCDR plan due to a service disruption in the past two years. Zerto on IBM Cloud offer VMware and Microsoft customers simple, automated recovery of on-premise VMware and Microsoft workloads to IBM Cloud data centers.
Why Federal cloud? What is in Federal Clouds and integrations? This session will identify the process and the FedRAMP initiative. But is it sufficient? What is the remedy for keeping abreast of cutting-edge technology? In his session at 21st Cloud Expo, Rasananda Behera will examine the proposed solutions: Private or public or hybrid cloud Responsible governing bodies How can we accomplish?
Real IoT production deployments running at scale are collecting sensor data from hundreds / thousands / millions of devices. The goal is to take business-critical actions on the real-time data and find insights from stored datasets. In his session at @ThingsExpo, John Walicki, Watson IoT Developer Advocate at IBM Cloud, will provide a fast-paced developer journey that follows the IoT sensor data from generation, to edge gateway, to edge analytics, to encryption, to the IBM Bluemix cloud, to Wa...
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment? In his session at @DevOpsSummit at 21st Cloud Expo, Chris Van Tuin, Chief Technologist, NA West at Red Hat, will discuss: The top security r...
SYS-CON Events announced today that Nihon Micron will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Nihon Micron Co., Ltd. strives for technological innovation to establish high-density, high-precision processing technology for providing printed circuit board and metal mount RFID tags used for communication devices. For more inf...
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
In his session at @ThingsExpo, Greg Gorman is the Director, IoT Developer Ecosystem, Watson IoT, will provide a short tutorial on Node-RED, a Node.js-based programming tool for wiring together hardware devices, APIs and online services in new and interesting ways. It provides a browser-based editor that makes it easy to wire together flows using a wide range of nodes in the palette that can be deployed to its runtime in a single-click. There is a large library of contributed nodes that help so...
SYS-CON Events announced today that Ryobi Systems will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ryobi Systems Co., Ltd., as an information service company, specialized in business support for local governments and medical industry. We are challenging to achive the precision farming with AI. For more information, visit http:...