Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Symantec Mobile Security Strategy Targets Bring-Your-Own Device Trend

LAS VEGAS, NEVADA – SYMANTEC VISION 2012 – Symantec wants to dip its hands deeper into mobile security with a strategy stretching from anti-malware to device management to controlling security for the applications themselves.

LAS VEGAS, NEVADA – SYMANTEC VISION 2012 – Symantec wants to dip its hands deeper into mobile security with a strategy stretching from anti-malware to device management to controlling security for the applications themselves.

At its Vision Conference in Las Vegas, Symantec touted what officials hope will be a comprehensive approach to dealing with the bring-your-own-device (BYOD) trend in the enterprise. “Our vision is, (for) bring-your-own-device, is you need to manage devices, and you need to manage and control the applications,” Symantec CEO Enrique Salem said during his keynote.

Symantec Vision 2012Central to this is the technology the company acquired through its purchase of Nukona earlier this year. Nukona provided mobile application management software that allows organizations to apply security policies to the mobile applications used by their employees. For example, organizations could encrypt local data, explained Brian Duckering, senior manager of enterprise mobility at Symantec.

This flexibility, he said, is critical for organizations whose employees are bringing their own devices and who may be hesitant to surrender control of a device they paid for in the name of corporate policy.

“The problem comes when maybe you are in a regulated industry…if one of those companies wants to do BYOD they are going to have a problem because the policies that they would apply in their MDM (mobile device management) solution are going to be pretty severe, and they should be,” he said. “The problem is then the end user brings in their own device, and (says), ‘I’m not going to sign up for this – I don’t want you turning off my camera, blocking access to the app store (and) doing all these other things. I am paying for this device.’”

“If you can put authentication, encryption, copy control and all of the controls that you need on that app that contains the data, you can actually accomplish what you need to without taking over the entire device,” Duckering said.

Another aspect of its mobile security strategy is Data Loss prevention for Mobile, which looks to protect corporate information by routing iPad and iPhone network traffic through a virtual private network (VPN) server to the Data Loss Prevention for Mobile server for analysis. If policy violations are found, the traffic can be blocked or other actions can be taken such as removing sensitive information or simply notifying the user of the violation. Support for Android devices is planned as well, but no firm date for that has been set for when that will be delivered, Duckering said.

In addition to controlling applications, Symantec is also expanding its code signing business for mobile apps to target Google Android developers. The service will allow developers to securely manage their certificate keys and store their signed applications from a single cloud-based console. The company also created the Symantec Certificate Intelligence Center for Mobile to allow IT managers to monitor and manage their SSL certificate inventory by providing insight into SSL certificate usage on their network.

Advertisement. Scroll to continue reading.

“The growing use of mobile devices for personal and business use has increased the challenge for organizations and individuals to gain a comfortable level of control,” said Stephen Drake, program vice president for Mobility & Telecom at analyst firm IDC, in a statement. “As the number of mobile devices continues to rise and demands on IT continue to increase, the need for organizations to secure and manage these devices and the information on them is significantly elevated.”

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.