Library Technology – Reviews, Tips, Giveaways, Freeware

Mobile Security Considerations

Posted In Mobile, Security - By Techtiplib on Monday, May 5th, 2014 With No Comments »

The advent of new communication technologies like IP telephony and VoIP has given rise to a new breed of mobile devices that can be connected to the centralized communication system. Tablets, mobile phones, wearable mobile devices etc., are giving a paradigm shift to the way business communication is carried out. The latest technologies are promoting mobility, which again gives a huge advantage to the executives of any organization. The increased sense of freedom boosts the efficiency of the workers and they become more productive. 

Mobile phones and tablets are outselling PCs and laptops. With BYOD in place in many businesses, people have started using these mobile devices for work also. How do I protect my data from multiple devices? How do I know it is the same person when an employee logs in from multiple devices? Do I lock out the previous device? What happens if an employee wants to use two devices simultaneously? Do I link an ID to the individual or to the device?

Mobile Security Considerations

All the above questions pertaining to mobile security need to be taken into consideration if you really want to protect your data. Let us look at some of the security considerations that would determine the safety and security of data stored on your mobile devices:

1)   Protections of APIs – The biggest challenge for mobile apps is servicing requests from backend APIs. Authorized and authenticated requests must be identified and others rejected. High value APIs that require access to resources with immediate monetary value requires the highest level of assurance. In most cases, a two way establishment of trust is needed for the API to be triggered.

2)   Public Key Infrastructure (PKI) – There is a large use of cryptographic security comprising of encryption and digital signatures. In order to secure the applications, PKI plays a significant role in establishing the identities of components in mobile app development and systems that can include devices, users and, applications.  

3)   Evolving security standards – The creation of security solutions and standards by vendors and industry is taking place at a rapid pace. The ever-evolving solutions and standards are not only difficult for a developer to understand but they are also tougher to implement as well as maintain. Several technologies exists that can be used for identification, authentication and, authorization.

4)   Service side features – If you are looking to provide a holistic solution, server side components that authenticate and have the authority to approve or reject a transaction is essential. Such protocols give you the power to manage relationship among devices, apps, and users in a better manner.

5)   Client Side Features – As much as server side security is critical, client side security is also important. It handles the worst case scenario where the server, for some reason, fails in authentication. When this happens, the client side security should immediately take steps to protect the device and all data on the device. If developers do not want to bother themselves with the complex authentication and security protocols then they can look for client SDKs that can be easily used with the APIs for the development of mobile apps. 

6)   The storage and management of security tokens – Security tokens for laptops have become fairly common for logging into a network. The same kind of authentication can and should be extended to mobile devices including cell phones and tablets.

Mobile security is a broad subject and we have touched on some of the important parts of it here. Until and unless you pay heed to all the above aspects, it won’t be possible to guarantee a safe environment for either the business or for the employee. We would go far enough to suggest that BYOD must not be encouraged till a security plan is in place.

Recommended reading: How to Set a Security Lock on Your Android Smartphone.

Author Bio:

Tess Young has been working with telecom companies for over 20 years, and is excited with the new P/VoIP/Cloud Telephony and other systems flooding the market. She has been invited by many companies to see their products and love sharing the knowledge and experience with the world.

More contents in:

About - Hey, this blog belongs to me! I am the founder of TechTipLib and managing editor right now. And I love to hear what do you think about this article, leave comment below! Thank you so much...