Securing mobile deployments in a fragmented security landscape
VDC will be releasing its annual mobile security report next week, which takes an in-depth look at how enterprise mobility management (EMM) vendors have enhanced their mobile security capabilities and how ownership models like that of BYOD impact mobile security investments, as the line between personal computers and mobile devices is increasingly blurred. While the mobile hardware race is in full swing, so too is the battle among mobile ISVs, who are all vying to be the primary provider for an increasingly broad range of mobile solutions for today’s enterprise. An ever-growing mobile workforce carries with it an increasing amount of potentially vulnerable data ranging from emails and attachments, voicemail and private corporate data. Vulnerabilities such as malware, direct attacks, data interception, exploitation, and social engineering all have transitioned into the mobile space as fluidly as the operating systems themselves. In addition to having a significant financial impact, such breaches can cost organizations in terms of lost time and productivity. As a result, infrastructure investments for mobile management and security are rapidly become a top priority for CIOs, CISOs and IT leaders.
There is no silver bullet
Traditional MDM vendors have expanded their functional range to include integrated end-to-end enterprise mobility management platforms, which incorporate key app, content and network management capabilities; although organizations are recognizing that more is needed to ensure that their devices are secure in a constantly evolving threat landscape. Given the nature of how work styles have changed, and increasing desire of employees to want/need to work at any time, from any location, with data that’s accessible from the company network, the Web, or the cloud, IT is faced with a moving target and requires a broad range of protective measures depending on their organization’s security posture. Given the multilayered security dynamics of mobile platforms, security cannot be assured by finding an ideal hardware configuration or relying on a single type of communications network to catch all threats. In a dynamic market, operating systems, applications, devices, and networks all have a significant impact on security.
Mobile-first ISVs with a strong security orientation that have entered the market are taking a decidedly different path. These vendors are using a combination of technologies and have taken differentiated approaches to securing mobile platforms. One clear difference is their focus on not limiting users to specific applications (what some call an “appnostic” approach) by providing the means to apply security policies to any application. This vendor class is also keen on promoting their vision of what containerization means. To these vendors, moving into a work persona is a form of containerization, or any app that is “badged” may also be considered as being containerized. Another key area of differentiation is the focus on data and applications rather than on devices themselves.
Enterprises are looking to boost EMM investments
Enterprises are looking to mitigate the risk of data breaches, but the solutions aren’t entirely satisfying enterprise requirements. According to a recent VDC survey, nearly 50% of the respondents to a survey recently fielded by VDC indicate that they were not completely satisfied with the level of security they were being provided by their mobile device management vendor partner.
VDC expects that continued investment in device management solutions will drive adoption of mobile security-related products, as enterprises deploy advanced solutions to track, monitor and authorize corporate data access, as an increasing number of their employees bring their devices into the workplace. For this reason, we believe that mobile security vendors can expect to see continued investments in their solutions due to their ability to secure heterogeneous mobile deployment environments and help to prevent against data loss from lost, stolen, compromised, or decommissioned devices.
(with Eric Klein, Senior Analyst)