寄件者: David Perry (MKT-US)
傳送日期: Friday, August 06, 2010 2:19:41 AM
收件者: Greg Jensen (MKT-US); Martin Roesler (AV-EMEA);
Susan Wilhite (MKT-US); Jia-Bing Cheng (RD-US-ENT); Newsbank
主旨: RE: NEWSBANK: Personally owned mobile devices on the rise in the enterprise
Blackberry is solved by RIM (it is a closed system, as well as a walled garden) and is unlikely to ever contain a major threat of any kind. Symbian remains the leading mobile contender, but Apple OS is gaining as a variety of devices now use the OS---They are an open system but a walled garden.
I think one of the challenges we ran across at CA (I also owned their mobile strategy) was, while we did have endpoint agents for Windows Mobile platforms (centrally managed), that covered only a small spectrum of the market. At the time, we viewed Blackberry as an issue you solve via Exchange or the BES server itself, but I feel that is shifting. I think the question would be “How do we plan to launch this as a security product, on a platform that requires manual launching?” In other words, you don’t boot up an iPhone and just have native security turned on (outside of the OS). You have to launch an app, and on IOS3 platforms, you must always keep it up. On IOS4, you then have to keep it up as one of the “open” apps. If I continue to open up new apps, it cycles out my security app and shuts it off. Now, maybe there is some secret sauce in how to make that happen, and I think that has to be researched a bit to see if it’s even possible to keep an app running in the background, that can’t be shut off so easy.
Not sure about Droid, but suspect it might be the same issue.
Symbian, is still the largest platform out there (outside of North America), and our competitors do in fact have Symbian footprints. Symantec has it, and I believe the Kapersky/F-Secure alliance has such a platform. Don’t recall if they are managed.
So in short, I would suggest we take a look at what problem are we trying to solve? Is it a regional problem? Is it a platform problem? That will help narrow down a prioritized list of platforms that you look at first (of the 5 major platforms).
it would start that our consols could at least see competitors products. A personal owned Laptop might have AVIRA installed, and if our OSCE or TMCM consol could tell the admin “your traveling user is around, at least he has an AV installed, but its outdated” then the admin would be more then happy and become a strong advocate for a TM solution.
One of the problems with personal devices is that they are personal, so they have SW installed that you might not want to see in your company environment.
The mentioned above “management enhncement” plus Application Control based on Whitelisting (while you are in my company network, you are only allowed to use XYZ applications) seem to be good methods to address this increasing demand.
Responding to #2, I am conducting research now about whether and how Trend should develop agentless mobile security, and how any form of mobile security would be managed with the rest of IT.
Two questions come to mind:
1) Does Trend IT support personally owned mobile devices to access company information?
2) Will Trend have products that can capitalize on customer’s mobile security concerns?
Jia-bing (JB) Cheng | desk: 408.863.6483 cell: 408.482.9838
US Cupertino Enterprise PDG
Personally owned mobile devices on the rise in the enterprise
3 August, 2010
By Mark Cox
With more than half of financial services enterprises already supporting personally-owned mobile devices, a significant challenge has been introduced to most firms' existing mobile policies and IT operations. That's a key message of "Managing and Securing Corporate and Personal Mobile Devices in Financial Services," a commissioned technology adoption profile conducted by Forrester Consulting on behalf of Fiberlink Communications Corporation.
Forrester found that personally-owned devices are growing in the enterprise and CIOs are making management and security more of a priority than ever before. A majority of enterprises now support personally-owned mobile devices. For 49 percent of the respondents, ensuring regulatory compliance is the top IT security priority. IT professionals within firms governed by the Financial Industry Regulatory Authority (FINRA) must ensure that smartphones are in compliance with their firm's broader privileged information requirements. When asked which industry regulations are driving concerns regarding mobile devices, 41 percent indicated FINRA compliance and, the same percentage reported that SarbanesOxley compliance is a concern.
More than a third of the IT professionals indicated that their enterprise supports multiple mobile operating systems (OSs), with ten percent supporting four or more. In an effort to avoid getting spread too thin, IT often provides minimal support for these OSs, introducing vulnerabilities and threats. Forrester notes, "The key is to make management and security the foundation of your business's next-generation mobile strategy. As mobile operations increasingly converge, IT and telecom managers are realizing that they need to treat mobile devices the same as PCs."
"Based on this commissioned study from Forrester, it's clear to see that mobile device management and PC management are converging," said Jim Szafranski, senior vice president, customer platform services of Fiberlink. "Over 80% of firms are concerned about malware, hackers and identity theft -- all issues previously associated with computers, not mobile devices. The research shows is that IT is now wisely beginning to manage smartphones in the same manner as PCs."
The study indicates that tackling these challenges requires that IT and telecom managers invest in a mobility service that delivers on key functionality. Eighty-six percent of respondents have already deployed a strong password policy. Other popularly-deployed strategies include: full disk encryption (71 percent), remote lock/wipe (64 percent) and asset and activity visibility and management (66 percent) across all types of mobile devices. Over the next two years, 43 percent of enterprises surveyed plan to deploy Over-the-air (OTA) configuration management. The study notes that "Cloud-hosted offerings that can deliver a single tool without the additional costs and infrastructure complexities associated with behind-the-firewall solutions are quickly becoming the preferred solutions architecture for IT professionals worldwide."