Facing up to the mobile revolution
- Article 26 of 33
- SC Magazine, April 2011
Whether companies are actively encouraging their employees to work on the move, or staff are simply using personal mobile devices of their own accord, security professionals face a major new headache in protecting their organisations from threats, writes Rob Buckley.
Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | All 6 Pages
5 Citicus MoCA (iPhone)
MoCA provides a simple way for decision makers to identify the business impact of their organisation's assets and processes being disrupted. Worst-case loss scenarios are used to identify the types of harm that could ensue and the severity of each type. As soon as an assessment is complete, graphical results are presented, highlighting the asset's calculated critical rating, maximum credible loss, and required protection.
6 RSA SecurID Software Token (iPhone, Android, BlackBerry)
Now there is no need to carry a separate RSA fob for secure two-factor authentication. Instead, you can install the app on your mobile device and get the authentication token sent to that, where it can be copied and pasted if necessary.
7 Cisco SIO (iPhone)
This provides real-time access to Cisco Security Intelligence Operations. The app provides actionable security information and enables users to personalise alerts to show only those security threats that could affect their network, and provides added assurance that they are being protected by their chosen Cisco security solution.
8 Documents to Go Premium (iPhone, Android, BlackBerry)
Create, open and edit Microsoft Office and PDF documents on your mobile device then sync them back to your computer without disrupting the formatting. Also includes support for Google Docs so that you can work through the cloud.
9 TravelTracker Pro (iPhone, Android, BlackBerry)
Keep track of all your travel information using the TripIt service. TravelTracker Pro can record expenses in multiple currencies, synchronise with TripIt, get updates of changes to flights, get maps to destinations and more.
10 Salesforce Mobile (iPhone, Android, BlackBerry)
Users can access their Salesforce CRM data wherever they are, as well as log calls and respond to leads. The iPhone version is unstable, but other versions work better.
Near field communications
Will it or won't it? Rumours have been circulating that the next version of Apple's iPhone will join a few other select handsets in having Near Field Communications (NFC) incorporated into its chipset, thus giving the nascent mobile payment technology an instant headstart that will no doubt take the technology into the mainstream. Much like contactless payment cards provided by suppliers such as Barclaycard, NFC allows a user to tap a phone against a reader to make a payment.
Using a phone provides an added benefit - the keyboard or touchscreen, which provides the ability to enter a code like a PIN. This means that the contactless payment can be extended beyond the current £15 limit for cards. "Clearly, this introduces a security headache. What if the phone is stolen? What if mobile malware can capture the code? What if the payment data can be captured?" asks Richard Allen of Consult Hyperion, which has worked on technologies such as Oyster Card.
NFC includes measures to counter these problems. It is secured using a mechanism known as Global Platform, which allows card issuers to issue the payment card application securely over the mobile network. "American Express, MasterCard and Visa are working with the mobile phone industry on securing payments," says Allen. "This has been challenging if only due to the number of new relationships required. The mobile network operators, handset vendors and so-called trusted service manager are all involved."
The payment application is secured in the mobile phone in a 'card' known as the Secure Element. It contains the code, which is stored as securely as a PIN. Other software applications running on the mobile device are authenticated to stop rogue apps capturing and using the code; the communications between components on the mobile device are also secured. The electronics are protected against physical tampering to prevent eavesdropping, and any code entered by the user is invalidated after a minute or so. As with a contactless card, there will be some losses from lost and stolen mobile devices, but these are limited to £40. The phone can also be used to accept contactless payments.
Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | All 6 Pages