Symantec Offers New Mobile Security Assessment Services
By Tony Rizzo, Editor in Chief
There is far more to large scale enterprises and their security needs than meets the eye. That isn't only what Symantec wants you to believe. It is simply true. Symantec has taken a very deep dive into every one of the dark corners in an enterprise where mobile security issues are likely to pop up - or more importantly, where they are likely to not pop up and remain hidden until an unplanned security disaster hits.
The scale of the mobile security assessment suite that Symantec has assembled is geared specifically to very large organizations of 1,000 employees or more. Costs for the services will vary with existing contracts and will certainly be negotiated, but even then we anticipate costs to fall in at large company scales.
The suite of services isn't merely designed to root out potential dangers. The key for enterprises is to take advantage of and leverage Symantec's extensive and wide-ranging security knowledge, and deep technical and operational skill sets to develop both strategic and tactical recommendations for the secure deployment of mobile devices and applications.
The exploding use of mobile devices and mobile applications within enterprises creates a unique set of challenges that must be addressed in order to ensure sensitive information accessed, stored and transmitted is properly protected. These challenges have left many organizations wondering how to manage the risks associated with these devices, transitioning them from simply consumer devices on the enterprise network to properly managed and protected endpoints.
Symantec Mobile Security Assessment Suite uses a two module (or more simply a two-part) solution oriented approach based on Symantec's exclusive Mobile Security Framework. It consists of two modules; one for holistic assessment of enterprise mobile security, and one specifically focused on mobile application security. The Mobile Security Framework itself divides security issues into three major parts:
Each of these three parts of an entire assessment is further divided into five critical mobile security elements, making up a total of fifteen distinct elements, against which the entire enterprise mobile security assessment is run by Symantec's team of enterprise security experts.
The Symantec Mobile Security Assessments module evaluates the level of risk inherent in the enterprise use of mobile computing devices, such as the Apple iPhone, iPad, or Android phones and tablets. The assessments provide an understanding of present or anticipated exposure to information security risk likely to result from gaps within the information security programs, policies and processes, based on mobile device use cases and available security controls.
The Symantec Mobile App Security Assessments module evaluates the security of an organization's custom mobile applications against best practice criteria for mobile application security. By simulating real-world device operating system and application-level attacks, the tests provide insight into the ability of an organization's mobile applications to resist attacks from unauthorized users and to help prevent misuse by valid users.
After completion of the assessments, Symantec delivers a highly detailed written report which includes an executive summary, showing the high-level analysis and findings, detailed scorecards illustrating the organization's mobile security readiness, detailed findings and recommendations, and prioritized action plans for closing any gaps that may exist. Enterprises can use the final report to formalize their mobile strategies and deployment plans around mobile device management, mobile data loss prevention, mobile encryption, mobile anti-virus and mobile authentication.
Symantec will offer the services strictly from its own end over the course of the near future. There are currently no assessment partners in the mix.
For very large enterprises with extensive IT departments that are more likely than not flummoxed by BYOD, the rapid pace of mobile technology change, hidden security traps, and the overall general large scale mobile initiatives and mobile app deployments now being planned and delivered, the new Symantec Mobile Security Assessment Suite makes a great deal of sense.