Mobile Device Users Need Stronger Security

The rapid growth of mobile device users is creating a need for stronger encryption and dynamic network security infrastructure capable of handling different types of devices and usage scenarios.

These were the themes of a panel discussion entitled "End-to-End Security For Mobile Data Systems" held Wednesday at Interop-New York. Industry experts discussed trends in mobile security and the technologies that are most effective at locking down corporate data on enterprise handhelds.

Chris Hopen, chief technology officer at Seattle-based security vendor Aventail, said there's a growing need for network infrastructure that can handle mobile devices, notebooks, and even kiosks. "Today's end users can traverse through multiple use cases in a single day, and as a result security solutions must use a multi-layered approach," he said.

Encrypting the link between the mobile user and the enterprise is extremely important, according to Hopen. "In a WLAN, it's a no-brainer to provide encryption from the access point to the switch, but you also have to provide strong authentication and encryption when extending that to the mobile user," he explained.

The 802.11i wireless security standard provides a way for companies to provide strong security to mobile users, said Dave Danielson, vice president of marketing at WLAN security vendor Bluesocket, Burlington, Mass. But in addition to this type of session based encryption, companies should also employ point-to-point encryption, he added.

"In addition to encrypting the data yourself, this provides the added benefit of being able to wipe data from lost laptops," said Danielson.

RF protection methods such as sensor scanning are also gaining a foothold in mobile security, and this is especially important for companies planning to do voice over WLAN, which requires strong QoS.

"RF scanning helps ensure the right devices are getting in, and that functionality will be integrated into federated identity within the next year," Danielson predicted. This approach also ensures mobile devices are clear of viruses and malware before they are permitted to access the network, he added.

Another recent trend in mobile security is that client server architecture is moving towards a software-as-a-service type of implementation, which improves security by enabling instant tracking, said Alex Doll, chief financial officer and vice president of business development at PGP Corporation, Palo Alto, Calif. "In the modern world, there's less of a need to build a heavy client on a mobile device," he said.

To further strengthen authentication in wireless networks, panelists discussed how a combination of identity, time-based access control, and location can be factored into the security policy-making process. These added security measures can also be applied to the wired network. "People have started to realize they can use systems for wireless access control across the enterprise, as a way of providing security and a first step toward identity management," said Danielson.

Doll noted that data residing on a lost or stolen laptop has become more valuable that the hardware itself. "The trend is that people worry more about lost data – that's a new risk model that has emerged in the past few years," he said.