Security Experts:

Symantec, PhoneFactor Unveil New Mobile Offerings

Security firms Symantec and PhoneFactor separately unveiled solutions today to help organizations deal with the challenges posed by the influx of mobile devices in the workplace.

For Symantec, the solutions took the form of the new Symantec Mobile Security Assessment Suite, a set of services aimed at providing enterprises strategic recommendations for securing mobile devices and applications.

Symantec Mobile Security Assessment

The suite consists of two parts – one for a holistic assessment of enterprise mobile security, and one specifically focused on mobile applications. Symantec Mobile Security Assessments analyze the risk level of mobile devices as well as the present or anticipated exposure to information security risks. The Symantec Mobile App Security Assessments evaluate the security of an organization’s custom mobile applications against best practice criteria for mobile application security.

At the conclusion of the assessments, Symantec delivers a written report highlighting the findings and including recommendations and a scorecard.

“When it comes to implementing mobile technology, enterprises are being thrown into the fire,” said Clint Sand, senior director of the Security Business Practice at Symantec, in a statement. “Enterprises know that security is the main impediment for broader adoption of mobility, but with all the changes in operating systems and applications, IT managers are unclear on how to comprehensively address the security challenges. We want to help these organizations with an assessment of their security posture and make recommendations on the best ways to embrace BYOD.”

Phone Factor

Meanwhile, PhoneFactor, which specializes in multi-factor authentication, launched its authentication app for smartphones and tablets. As of today, the PhoneFactor App is available for Apple iPhones and iPads. A version for Google Android-based devices is coming soon, according to the security company.

The goal of the app is to help users verify account logins and transactions. Instead of outputting a one-time passcode, the PhoneFactor App pushes a notification to the user’s smartphone or tablet that causes an alert to pop up on the device. To approve the transaction, the user can simply click “Authenticate.”

"Enterprises are proactively re-evaluating their strategies for authenticating end-users with methods that are stronger than username and password, and Aberdeen's research confirms strong interest in phone-based approaches such as PhoneFactor,” said Derek Brink, vice president and research fellow for IT security and GRC (governance, risk management and compliance) at the Aberdeen Group. “Unlike software implementations of traditional one-time password tokens, the PhoneFactor mobile app provides an out-of-band solution to authenticate end-users or verify the legitimacy of online transactions -- which means effective protection against man-in-the-middle attacks, while leveraging the portability and usability of the mobile phones most end-users already carry and use.”