Mobile Enterprise Adoption News:
- Mocana press release (salesy) but some good points on enterprise mobility security
- Apps aren’t always built with IT’s focus or huge budgets so security gets over looked
- UK company won a prize of $30k for finding flaw in Samsung III
- (NFC) Near Field Communication has vulnerabilities
- Jellybean 4.2 is not block malware as hoped
Feb. 19, 2013, 8:00 a.m. EST
Overwhelmed Developers, Enthusiastic Users and Hyper Growth of Android Platform Creating Target-Rich Environment for Attackers
SAN FRANCISCO, Feb 19, 2013 (BUSINESS WIRE) — As we enter a break-out year for enterprise mobility, the combination of overwhelmed app developers who lack access to security expertise, enthusiastic users, and the hyper growth of iOS and the “wild-west” Android(TM) platform is creating a perfect storm of vulnerabilities and an irresistible target-rich environment for attackers, according to the app security experts at Mocana.
The Mocana mobile security team will be on hand in booth 2454 at the upcoming RSA Conference in San Francisco to demonstrate solutions and share research regarding the unprecedented security challenges facing app and handset developers working on enterprise or consumer mobility projects, especially for medical, government, defense, financial or industrial markets.
“App development in the enterprise is rarely centralized. Instead, apps often emerge organically from line-of-business teams that don’t have access to cryptographic expertise. In addition, app developers are often under-resourced and under tremendous time pressure to deploy quickly. These factors can combine in unpredictable ways to create vulnerabilities,” said Kurt Stammberger, CISSP and vice president of market development at Mocana. “Mocana’s Mobile Application Protection(TM) (MAP) app-wrapping technology is a simple yet highly effective solution to protect against developer mistakes and security superstorms, and the inevitable data breaches resulting from them.”
Product developers unfamiliar with security practices and overenthusiastic, click-anything users already have resulted in numerous mobile security breaches. The Android OS and its handsets are particularly vulnerable:
— A UK-based research team recently claimed a $30,000 prize by executing a zero-day flaw in the Samsung Galaxy III native document viewer to launch a code execution attack.
— Near field communication (NFC) vulnerabilities within the Google/Samsung Nexus S running Android 2.3 (Gingerbread) and the Samsung Galaxy Nexus running Android 4.0 (Ice Cream Sandwich) have recently been exploited.
— The new Google app verification feature in Android 4.2 (Jellybean) is supposed to block malware before it gets downloaded from the Google Play app store, but recent reports show the service isn’t as effective as originally hoped, yet.
“Mocana is committed to helping developers and enterprises cope with the complex issues of mobile device security, and will soon be introducing an enhanced version of its MAP product with additional security enhancements for the BYOD environment,” said Mike Siegel, Mocana VP of Products. “MAP is great for developers, because it allows them to satisfy their enterprises customers’ demands for security, especially in BYOD contexts, while remaining focused on what they do best – creating innovative apps.”
Mocana MAP allows enterprise IT or business units to wrap new security features into existing mobile apps in seconds, without writing any code or using an SDK. MAP offers innovative security features on both iOS and Android platforms, including per-application VPNs and FIPS 140-2 encryption. With MAP, enterprises can operationalize and scale their mobility projects quickly, gaining competitive advantage and superior business results. Mocana and its centerpiece MAP mobile security technology were recently highlighted as the “Vendor to Watch” at the M3 Mobility xChange conference.
Launched in 2004 and recognized by the World Economic Forum as a 2012 Technology Pioneer, Mocana provides the only device-independent security platform that secures mobile and smart devices, and the apps and data on them. Mocana solutions dramatically increase confidence and compliance for the enterprise, OEMs, service providers and their customers. Millions of people use products sold by the more than 200 companies that rely on Mocana solutions, including Cisco, Honeywell, Dell GE and General Dynamics, as well as four of the top five Android handset makers. For more information, visit www.mocana.com.