Managed Security Service Provider Mobile Apps Boon?

By Michael Vizard  |  Print this article Print
managed security service provider, mobile app security

ANALYSIS: The opportunity to deliver managed security services for mobile applications is emerging. While it's still early days, there's promise for the future.

Ingram Micro is also expanding the scope of its mobile application security ambitions. The distributor recently formed an alliance with Lookout Inc., a provider of a cloud service that makes use of sensors and machine learning algorithms in an effort to protect data residing with thousands of mobile applications. The goal is to enable MSPs to better secure those applications without requiring them to absorb a lot extra capital costs, said David Helfer, vice president of world channel development and inside sales at Lookout.

"We think this will be a big opportunity for MSPs," Helfer said. "A lot of them don't have the skill set needed to deliver this service on their own.

Already moving to expand the scope of its mobile application service is NTT Communications. The MSP has inked an alliance with Bromium, a provider of software that uses micro-virtual machines to isolate applications, to better secure endpoints. Bromium CTO Simon Crosby said that most of the mobile application opportunity for solution providers in the channel clearly surrounds Windows platforms that are prone to be more vulnerable than Apple's iOS.

To address that challenge, Microsoft is working with Bromium to embed support for micro virtual machines (micro VMs) in Windows 10. However, it will be years before Windows 10 supplants all the previous iterations of Windows running on notebooks and tablet PCs. NTT plans to apply Bromium micro VMs to the broad range of Windows devices that it needs to support, Crosby said.

"Solution providers need to distinguish between when customers just want a compliance solution versus needing to really secure a mobile application," Crosby said. "Smartphone manufacturers already do a good job on hardware isolation. That's why you don't see any breaches involving mobile apps that have been certified in an app store."

The challenge facing solution providers is determining what mix of security technologies to bring to bear to turn both mobile application and mobile device security into an opportunity that drives a profitable set of repeatable services. Today, many MSPs already deliver services to secure mobile devices. The next frontier is going to be securing more of the applications themselves.

Michael Vizard has been covering IT issues in the enterprise for more than 25 years as an editor and columnist for publications such as InfoWorld, eWEEK, Baseline, CRN, ComputerWorld and Digital Review.