The popularity of mobile devices has blurred the line between office and home. According to recent research from Forrester1, global tablet and smartphone use in the enterprise is rising: nearly 20% of the worldwide tablet purchases will be made directly by enterprises by 2017, allowing employees to more easily access company data as they move from the office to home and all points in between.
How mobile devices are changing the security landscapeData security is of paramount importance for most businesses and organisations today. In a cloud-based mobile world, employers are trying to find the right balance between providing a simple and user-friendly solution while protecting their company assets from malware, loss and theft. Furthermore, the growth of bring-your-own-device (BYOD) in the workplace has increased security risks in terms of data breach or misuse, for an organization.
Both IT managers and the end users they support need authentication solutions that enable them to be better productive without having to type in additional codes or keywords. All organizations want to validate the identity of people accessing company data and make sure they have the necessary permission to do so. On the other hand, users are looking for solutions that enable quick access to information and services for enhanced productivity. But existing authentication methods do not mesh well with mobile devices thereby increasing the risk for data security. The current authentication methods, designed for use with keyboards, are awkward or sometimes plainly incompatible with mobile devices.
BYODThe Bring Your Own Device (BYOD) mobility deployment phenomenon where you are allowed to use your smartphone for work is growing in popularity as today's smartphones simultaneously grow in capabilities. We can use our phones to access computers, networks and associated information assets. Deploying these applications in a BYOD environment requires a security assessment, proper planning, the right technology and provisioning infrastructure. The ability to use your smartphone to unlock doors is a recent capability. This requires a new identity representation that operates within a trusted boundary so that BYOD devices. The boundary provides a secure communications channel for transferring information between NFC-enabled phones, subscriber identity module (SIM) cards, and other secure media and devices - like physical access readers.
Using near field communications (NFC) on mobile devices for protectionNear field communications (NFC) is a wireless communications protocol based on ISO Radio Frequency Identification (RFID) standards. NFC does not require a discovery and pairing stage, so the connection time is as quick as 0.1 milliseconds. In comparison, the connection time for Bluetooth is approximately six seconds. Using NFC technology, two smartphones can exchange contacts, photos and other information with each other. Users with NFC-enabled phones can pay for purchases and store electronic airline boarding passes, event tickets, and product identification among other uses. NFC-based applications are used in retail, health care, green technology, automotive and education, as well as other markets.
NFC is fundamentally secure because it only works at extremely short ranges, from point of touch to a few centimeters. A hacker would have to stand uncomfortably close to piggyback on the signal of a nearby mobile device user. Furthermore, the integrated circuit in NFC devices is architected with security mechanisms beyond normal processors. Each circuit is designed with a unique digital signature for protection against both software and hardware attacks.
Best ways to safeguard against threats to protect physical and logical accessAround the world, businesses are facing more security threats than ever before. Breaches of confidentiality, crippling cyber-attacks and data theft by their own employees are among the issues that can seriously damage a firm's reputation, eroding the confidence of investors and the market.
One of the best ways to safeguard against threats like these is to protect physical and logical access to high-value resources and sensitive data with an identity and access management (IAM) solution. IAM is fast securing its position as a cornerstone of information security, with a growing number of organisations recognising its potential in terms of cost savings, better service levels, tighter IT governance and improved regulatory compliance.
The Identity and access management market is estimated to grow from $7.20 billion to $12.78 billion by 2020, at a Compound Annual Growth Rate (CAGR) of 12.2% during the forecast period, according to a new market research report published by MarketsandMarkets.
At the present time, the uptake of IAM solutions remains relatively low among some segments of the business community, with cost cited by many companies as the main barrier to adoption. The ravages of the recession have blown a sizeable hole in the IT budgets of many organisations, with IT security sometimes dropping down their list of priorities. But there is a danger here. When a company slashes its IT budget, it can often leave itself dangerously exposed to security and financial risks.
In the end, it all comes down priorities. More organisations are weighing up the costs of IAM solutions against the potential costs of reputational damage, security breaches and non-compliance. IAM can offer them outstanding value by saving time and money while protecting their most valuable assets.
Guest Author
Jordan Cullis is head of identity assurance for Asia Pacific at HID Global
