But there are tools and strategies to help when it comes to safeguarding your mobile networks. You can hear from a panel of experts during SC Magazine's all-day eConference: Mobile Security. The site is live Tuesday.
Recently, Illena Armstrong, editor-in-chief of SC Magazine, spoke with Hadi Nahari, principal security architect at PayPal, who will be one of the speakers at the eConference. PayPal is a global leader in online payment solutions with more than 70 million active accounts. The service is available in 190 markets and 19 currencies globally. Ensuring that its customers' data is protected is vital to its operations.
Hadi will be speaking on Mobile complexity: Foundation for security threats. He is a software security professional with over 17 years of experience in all aspects of software development lifecycle, including extensive work in design and architecture, verification, proof-of-concept, and implementation of secure software systems.
Illena Armstrong: From your perspective, what are the biggest mobile threats these days?
Hadi Nahari: I think the biggest mobile-specific threats on the information security side is identity and security-asset theft, and on the technology is the lack of practical standardization and security lifecycle management and security interoperability on mobile devices.
SC: Which of these do most companies fail to account for in their risk management plans?
HN: Most definitely identity and security-asset theft and interoperability.
SC: What prompted your company to address mobile security risks and how are these moves helping protect customer and other critical data?
HN: Having various initiatives within PayPal to provide our services via mobile platforms has been the fundamental motivation to pay even closer attention to mobile security. Effective security mechanisms are the result of said efforts, which in turn result in further protection of our customers' data.
SC: What would be your top tips for others who are trying to help their companies overcome the security challenges that mobile devices create?
HN: I would include:
- Investment in gaining knowledge of mobile platform technologies.
- Performing mobile VATA (vulnerability assessment and threat analysis) targeted for mobile platforms used in their infrastructure and with focus on security assets protected/deployed on said devices.
- Provide useable, effective protection mechanisms.
- Educate users on best practices and gather their requirements/feedback on how to make the technical solutions more effective and user-friendly.
To tune in to SC Magazine's eConference: Mobile Security, click here.