Thursday Jul 20
Feb
17/11
What’s missing from mobile security? RSA Juniper Session Recap
Updated on Tuesday, 31 January 2012 12:59
Share

RSA Report. RSA 2011 Sponsor Showcase Track
Session: Defend Your Mobile Life
Speaker: Mark Bauhaus is the Executive Vice President and General Manager, Service Layer Technology at Juniper Networks.

Mark started the session by asking “What’s missing from mobile security?”

“Security” he replied to his own rhetorical question. The initial entertainment of the remark made us all chuckle. Mine trailed off quickly as the stark truth of the words hit me.

I attended this session because we’ve been testing the SMobile solution, recently acquired by Juniper. The solution is integrated into Juniper’s Pulse Mobile Security platform. After digging through the nuts and bolts of the service and testing on multiple platforms, I felt I needed to zoom back out for the big picture again.

The talk was very high level. Usually I prefer more technical content but Mark’s slides and words delivered a message I think we all need to be reminded of; some of our most critical data lives on mobile devices and we’re not securing them.

The second part of his message was that, even when we try to secure them, we don’t have a reasonable way to offer the ‘single pane of glass’ management we strive for in other aspects of IT and infrastructure resources. Some features are available on some platforms, manually configured and rarely centrally monitored. Organizations haven’t had a way to implement policies on BlackBerries alongside iPhones and Androids.

According to one of Mark’s earlier slides, KRC Research shows 40% of users use their smart phone for both personal and business. The heartburn continued with these numbers:
– 72% share or access sensitive information, such as banking, using their smart phone
– 80% access their employer’s network without permission (59% do it daily)
– 50%+ are very concerned about lost, theft and identity theft resulting from their mobile usage

I wonder what percent of the users are doing something to secure their devices now. Bets are, it’s a low number, since 98% of smart phones get shipped without any security enabled by default.

Mr. Bauhaus continued to describe scenarios using some of Juniper’s technologies for an integrated mobile access and security experience. I should let you know, this was a sponsor showcase track, so vendor-specific content was expected.

Here are some of the goals we have for mobile security:
– Central and consistent management of smart phone security across platforms
– Protecting smart phones from malware and viruses
– Appropriate actions when a phone is lost or stolen, or an employee is terminated
– Secure and encrypted access to resources (via SSL VPN)
– Control of security policies for approved applications
– Monitoring device content and tracking, interest from enterprise and consumer

The solution offers, among other things, these features:
– Secure access (via integration with Juniper’s SSL VPN)
– Anti-virus (real-time protection, application and media scanning)
– Firewall (inbound and outbound with alerts and logging)
– Anti-spam (for SMS and voice)
– Loss/theft protection (remote lock, wipe, backup, restore, GPS locate, SIM change notification)
– Device Control (application inventory and control, content monitoring)

# # #



Leave a Reply