In our last post we provided a list of noteworthy iPad and iPhone apps for business and entertainment. As a follow up to that, in this article we’ll provide some food for thought around the security considerations and challenges that come with the wonderful world of mobile applications.
Mobile applications are often providing direct and automated access to cloud services and data, such as Microsoft Exchange. BlackBerry is one of the most common devices accessing corporate email accounts but newer applications are requesting more and more access to corporate data. For example at hedge funds and investment firms, trading applications on mobile devices present new mobile security challenges and introduce a firm’s in-house trading system to a new range of threats.
Mobile security vendors, such as Good Technology, are offering products to protect a firm’s firewall, over-the-air transmissions between the server and handheld as well as the data stored on the handheld. Through technologies such as these, a hedge fund can encrypt information on the device as well as in transmission so it is secure and protected.
Another benefit of mobile security products is the ability to enforce password policies – a new survey by YouGov found that “only a third of mobile phone owners would realize they had lost their phone within 15 minutes.” This delay highlights the importance of strong passwords and security policies. For a device that has extremely sensitive information, IT may choose to have the device be automatically wiped after a specific number of failed password attempts.
The survey also found that a user typically realizes a device is lost within an hour. Once the device is reported lost, IT should have the ability to remotely wipe data on the mobile device to ensure corporate information does not fall into the wrong hands.
As the realm of mobile applications and new portable devices, such as the iPad and tablet PCs, continues to grow IT organizations must adapt and adopt new mobile security policies. The wide spectrum of devices and ever broadening ecosystem of accompanying applications does present challenges but technology vendors are working to deliver solutions that mitigate these risks.
At Eze Castle Integration we regularly work with hedge funds and investment firms to create mobile security policies that makes end-users happy by giving them device-freedom while keeping corporate data safe and secure.
We also recommend you reach our hedge fund security article on "Application Security in the Cloud: Questioning Internal and External Procedures."
http://www.eci.com/blog/images/Phonewithlock_000014549179XSmall.jpgPhoto Credit: Istock