Mobile Security: Four Key Opportunities for the Channel - Banking Mobile Security
(
Page 2 of 4 )
With so many consumers transitioning to mobile-banking applications, the
interest from financial institutions in mobile security is growing. In a report
out last week from analyst firm Ovum,
industry watcher Graham Titterington noted that the insecurity of mobile
devices and the growing computational power of individual devices make the
mobile channel a likely risk as an attack vehicle.
"As the ecosystem becomes more diverse, more powerful and complex and
more integrated with the IP world" he wrote, "hackers will find ways
to attack it and perpetrate fraud. Mobile
and Internet banking security communities must work together. Although the
means of attack are channel specific, the business level threats are the same.
"As mobile banking services become more powerful, the two channels will
move towards being alternative interfaces to a common service. This will create
the danger of crossover threats, where weaknesses in one interface may be used
to attack the other one."
This will give channel partners a tremendous opportunity to
package solutions for financial customers seeking to meet these threats head
on. According to Ovum, mobile-security technology areas that will be key for
the banking include the following:
- user authentication
- malware detection
- end-to-end encryption
- bank-session monitoring
- blocking of suspect
connection
- fraud detection for all
transactions
Clearly, all of these are similar to the
practices already held dear by financial companies for internet banking--the challenge
for partners will be to apply them to the mobile space.
{mospagebreak title=Mobile
Device Management}
Mass mobile-device infections might not be a very real threat today, but the
catastrophic breach of data through the careless loss of a device certainly is.
According to a survey released in April 2010 conducted by Osterman Research on
behalf of Proofpoint, more than one in
five U.S. companies investigated the exposure of confidential, sensitive or
private information via lost or stolen mobile devices in the past 12 months. It
turns out that 51 percent of companies are highly concerned about the risk of
information leakage via e-mail sent from mobile devices.
Channel partners have a tremendous opportunity to help organizations develop
and manage policies around how to deal with lost devices, how users interact
with data through their mobile devices and how data is encrypted on those
devices.
According to recent survey results, there is room for the mobile-device
management market to grow. Most enterprises admit that they have no formalized
processes or policies to manage mobile devices in place—however, many have
device management penciled in to budgets for the near future.
Conducted by Applied Research on behalf of Symantec,
one recent survey showed that only 38 percent of enterprise-class organizations
have formal device-security policies in place. However, 33 percent of
respondents did say they were moving toward formal policies. For the channel,
this means that a good third of your potential enterprise clients are looking
to spend money in this area.
