Welcome!

News Feed Item

New RSA Research Tackles Mounting Risks from Mobile Devices in the Enterprise

19 Global Security Chiefs Deliver Strategic Guidance to Capture Mobile Business Opportunities in Latest Report

LONDON, Oct. 9, 2012 /PRNewswire/ -- RSA CONFERENCE EUROPE 2012 --

News Summary:

  • Security for Business Innovation Council (SBIC) report features recommendations for managing mobile devices in the enterprise from 19 global security thought leaders
  • Recommendations outline how organizations can leverage the power of mobile devices, while also managing associated risks

Full Story:

RSA, The Security Division of EMC (NYSE: EMC), released a new research report today from the Security for Business Innovation Council (SBIC) that addresses the continued surge of consumer mobile devices in the enterprise and shares security leaders' insights on how to manage the fast-changing mobility risks while maximizing business opportunities.  Mobile threats are developing quickly and technologies keep shifting creating new security holes.  As more and more consumer devices access corporate networks and store corporate data, potentially devastating consequences range from the loss or leakage of valuable intellectual property to brand damage if fraudulent access results in a high-profile security breach. The Council consensus is that the time is now for enterprises to integrate risk management into their mobile vision. The potential benefits include increased agility, improved productivity, faster sales, and reduced costs. Capitalizing on the business opportunities of mobile computing is only possible if enterprises know the risks and how to manage them. 

The Security for Business Innovation Council's latest report, titled "Realizing the Mobile Enterprise: Balancing the Risks and Rewards of Consumer Devices," is derived from the expertise and real-world experiences of 19 security leaders, who represent some of the world's most forward-thinking security organizations. 

The report identifies today's major sources of risk for the mobile enterprise and the outlook for the near future. It also answers critical questions such as:

  • What are the most important mobile policy decisions and who should make them?
  • How do you mitigate risks such as lost or stolen devices?
  • What should be included in a "Bring Your Own Device (BYOD)" agreement?
  • Why or why not use a mobile device management (MDM) solution?
  • What are the requirements for designing secure mobile apps?

In the report, the Council presents five strategies for building effective, adaptable mobile programs:

  1. Establish mobile governance – Organizations should engage cross-functional teams to set clear ground rules. Every mobile project should start by defining business goals, including expectations of cost savings or revenue generation, and by establishing the level of risk that the organization is willing to accept to achieve those goals.
  2. Create an action plan for the near-term – Mobile security technologies are fast-moving and, in many cases, too nascent to allow organizations to make long-term mobile security investments. The Council lays out several stop gap measures and key steps to take over the next 12-18 months.
  3. Build core competencies in mobile app security – Knowing how to design mobile apps in a way that protects corporate data is absolutely critical, yet many information security teams do not have the necessary level of expertise. The Council emphasizes it's not just about bolting on security, but requires a careful examination of the app's overall functionality and architecture, and they provide key design criteria.  
  4. Integrate mobility into long-term vision – Numerous trends are affecting long-term risk management planning. Organizations need to update their approach to security including risk-based, adaptive authentication; network segmentation; data-centric security controls; and cloud-based gateways.
  5. Expand mobile situational awareness – Corporate security teams should deepen and continually refresh their understanding of the mobile ecosystem.

Executive Quotes:

Art Coviello, Executive Vice President, EMC, Executive Chairman, RSA

"With the prevalence of mobile devices and applications, organizations have huge opportunities to create business value, but the accompanying risks are equally huge.  This new report from the Security for Business Innovation Council provides strategic guidance that helps organizations not only reduce their mobile liabilities but also foster mobile  programs that enable them to realize the full benefits of the mobile enterprise."

William Boni, Chief Information Security Officer, VP Enterprise Information Security, T-Mobile USA

"Similar to PCs, with mobile computing we'll see a largely consumer phenomenon evolve into a comprehensive enterprise framework which allows sufficient security over data. It has to evolve fast.  But will it be fast enough? We're in an arms race between malicious exploitation and security protection."

About the Security for Business Innovation Council

The Security for Business Innovation Council is a group of top security leaders from Global 1000 enterprises committed to advancing information security worldwide by sharing their diverse professional experiences and insights. The Council produces periodic reports exploring information security's central role in enabling business innovation.

Contributors to this report include 19 security leaders from some of the largest global enterprises:


ABN Amro 

FedEx

Northrop Grumman

ADP, Inc.

Intel

SAP AG

Airtel

HDFC Bank

TELUS

AstraZeneca

HSBC Holdings plc.

T-Mobile USA

Coca-Cola

Johnson & Johnson

Walmart

eBay

JPMorgan Chase


EMC

Nokia


Additional Resources:

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk, and compliance- management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention, and Fraud Protection with industry-leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.EMC.com/RSA.

RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other company and product names may be trademarks of their respective owners.

SOURCE EMC Corporation

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, will examine the regulations and provide insight on how it affects technology, challenges the established rules and will usher in new levels of diligence...
SYS-CON Events announced today that Calligo has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo is an innovative cloud service provider offering mid-sized companies the highest levels of data privacy. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalized support service from its globally located cloud platfor...
SYS-CON Events announced today that Calligo, an innovative cloud service provider offering mid-sized companies the highest levels of data privacy and security, has been named "Bronze Sponsor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalised support service from its globally located cloud plat...
What sort of WebRTC based applications can we expect to see over the next year and beyond? One way to predict development trends is to see what sorts of applications startups are building. In his session at @ThingsExpo, Arin Sime, founder of WebRTC.ventures, discussed the current and likely future trends in WebRTC application development based on real requests for custom applications from real customers, as well as other public sources of information.
FinTechs use the cloud to operate at the speed and scale of digital financial activity, but are often hindered by the complexity of managing security and compliance in the cloud. In his session at 20th Cloud Expo, Sesh Murthy, co-founder and CTO of Cloud Raxak, showed how proactive and automated cloud security enables FinTechs to leverage the cloud to achieve their business goals. Through business-driven cloud security, FinTechs can speed time-to-market, diminish risk and costs, maintain continu...
SYS-CON Events announced today that SkyScale will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SkyScale is a world-class provider of cloud-based, ultra-fast multi-GPU hardware platforms for lease to customers desiring the fastest performance available as a service anywhere in the world. SkyScale builds, configures, and manages dedicated systems strategically located in maximum-securit...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
SYS-CON Events announced today that DXWorldExpo has been named “Global Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Digital Transformation is the key issue driving the global enterprise IT business. Digital Transformation is most prominent among Global 2000 enterprises and government institutions.
SYS-CON Events announced today that Datera, that offers a radically new data management architecture, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Datera is transforming the traditional datacenter model through modern cloud simplicity. The technology industry is at another major inflection point. The rise of mobile, the Internet of Things, data storage and Big...
"With Digital Experience Monitoring what used to be a simple visit to a web page has exploded into app on phones, data from social media feeds, competitive benchmarking - these are all components that are only available because of some type of digital asset," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"Outscale was founded in 2010, is based in France, is a strategic partner to Dassault Systémes and has done quite a bit of work with divisions of Dassault," explained Jackie Funk, Digital Marketing exec at Outscale, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We were founded in 2003 and the way we were founded was about good backup and good disaster recovery for our clients, and for the last 20 years we've been pretty consistent with that," noted Marc Malafronte, Territory Manager at StorageCraft, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"DivvyCloud as a company set out to help customers automate solutions to the most common cloud problems," noted Jeremy Snyder, VP of Business Development at DivvyCloud, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Kubernetes is an open source system for automating deployment, scaling, and management of containerized applications. Kubernetes was originally built by Google, leveraging years of experience with managing container workloads, and is now a Cloud Native Compute Foundation (CNCF) project. Kubernetes has been widely adopted by the community, supported on all major public and private cloud providers, and is gaining rapid adoption in enterprises. However, Kubernetes may seem intimidating and complex ...
While the focus and objectives of IoT initiatives are many and diverse, they all share a few common attributes, and one of those is the network. Commonly, that network includes the Internet, over which there isn't any real control for performance and availability. Or is there? The current state of the art for Big Data analytics, as applied to network telemetry, offers new opportunities for improving and assuring operational integrity. In his session at @ThingsExpo, Jim Frey, Vice President of S...