The ever-evolving physical security market is showing a number of trends in 2012, including the convergence of the Internet, physical access, network access and mobile phones; an increase in workforce mobility; the rise of “bring your own device to work,” or BYOD; and the significant growth of cloud computing.
Security management organizations and security industry professionals are poised to reap the benefits of these trends in the form of an increase in productivity, flexibility of workforce deployment, cost savings, and improved accuracy and immediacy of field data collection.
Mobile work force gains in productivity and efficiency are inarguable, yet application vulnerabilities and threats stemming from mobile devices have been the two highest security concerns for organizations.
As mobile devices and the software to run them continue to evolve, companies are faced with the challenge of tracking and controlling the devices in their mobile enterprise, and maintaining proper data and physical security management to meet the latest business demands.
Data security to and from mobile devices have the same problems and solution space as other data transmissions. Good encryption is the obvious solution for secure transmissions on commercial networks. While Public Key Infrastructure (PKI) has become the tool of choice for securing data and access from mobile devices to backend systems, physical security of local data on the device is also a threat.
The use of Smart Card technology is one solution to this physical security problem, and has been widely adopted by the United States Government for the implementation of physical infrastructure security. The issue with reliance on Smart Card technology for the newer mobile technologies is readers and hardware support for newer operating systems such as iOS and Android are very limited.
COMMAND Mobile Overcomes these Data Security and Physical Security Challenges in Several Ways:
- The web and mobile components of COMMAND Mobile authenticate with the backend Lightweight Directory Access Protocol (LDAP) (Microsoft Exchange) server to ensure authorized users access applications.
- Authenticated user data is stored in encrypted files on the device in order to authenticate the user when the device does not have an active connection to the network.
- The Windows Mobile solution provides kiosk capabilities which removes the Windows Start menu and restricts access only to applications managed by COMMAND Mobile.
- A layered security approach is used to ensure an adequate level of security. In order to access web services user authentication must be performed using username/password or PKI certificates.
- An authorization token is required in order to execute any web service calls.
- Additionally, the XML Web Services can be secured over HTTPS to provide security while data is in transit.
COMMAND Mobile was developed specifically to fill a need in the mobile enterprise market as business, government, and security industry professions continue to expand and properly manage their use of mobile devices and solutions.