how information security empowers mobile innovation v3 branded
DESCRIPTION
TRANSCRIPT
How information security empowers mobile innovationInformation security forum 23rd annual world congressNov 5th 2012, Chicago5th Nov 2012
www.pwc.com
PwC 2
Progressive innovation in Mobile services is already occurring
PwC 3
Innovation: Agricultural Services to farmers in India
Then…wait in line to receive information and subsidies
Now…subsidies and information on mobile devices
PwC 4
Innovation: Mobile Services give consumers on-demand access to doctors
Then…schedule appointment/see doctor
Now…on-demand access to doctors in minutes
PwC 5
Innovation: Mobile improves Pharma sales force productivity
Then…lengthy physician visits, long sample fulfillment times, manual CRM
Now…Shorter physician visits, rich media, faster sample fulfillment, digital CRM, ePrescribing
PwC
Organizations expect more benefits from mobile solutions
Provide perception of an advanced company to customers
Eliminate paperwork
Speed the sales process
Enhance portability within the office or work environment
Offer employees more flexibility
Decreased costs
Improve customer service
Provide ease of information access
Improve competitive advantage/market share
Improve field service response time
Increased sales/revenue
Improve/enhance worker productivity
0 5 10 15 20 25 30
Q: Please select the most important benefit that your organization ultimately expects to gain from current or future mobile solutions deployments (whether or not you are currently receiving those benefits).
(% of respondents)
Source: IDC’s Mobile Enterprise Software Survey, 2011
PwC 7
Macro mobile trends drive additional innovations…
PwC
Smartphone adoption continues upward trajectory
PwC
Global Mobile traffic is growing
Source: StatCounter Global Stats.
Global mobile traffic as % of total internet traffic, 12/08-5/12
PwC
IOS, Android and Windows Mobile are top 3 Mobile OS platforms
Source: Morgan Stanley Research, Gartner.
Smartphone operating system market share, 2005-2011E
PwC
Mobile application downloads have accelerated
Source: KPCB estimates based on Apple data, after Itunes store launch in CQ2:03 as of CQ1:12.
First 15 quarters cumulative # of downloads, iTunes music vs. apps
PwC 12
88% of mobile professionals already use social networks
14% have used cloud computing in the past year
Source: The Business Journals reveals the business habits of the rising number of SMB mobile professionals, 2011
60% leveraging social media platforms to market their businesses
38% spend 11 hours or more on their devices
PwC 13
Healthy cloud forecast expected
Source: Forrester, April 2011 “Sizing The Cloud”
2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020
IaaS ($) 0.06 0.24 1.02 2.94 4.99 5.75 5.89 5.82 5.65 5.45 5.23 5.01 4.78
PaaS ($) 0.05 0.12 0.310000000000001
0.820000000000003
2.08 4.38 7.39 9.8 11.26 11.94 12.15 12.1 11.91
SaaS ($) 5.56 8.09 13.4 21.21 33.09 47.22 63.19 78.43 92.75 105.49 116.39 125.52 132.57
BPaaS ($) 0.15 0.23 0.35 0.53 0.8 1.26 1.95000000000001
2.93 4.28 6 7.66 9.08 10.02
$10
$30
$50
$70
$90
$110
$130
$150
$170
Total public cloud markets(US$ billions)
PwC
Mobile is shaping new behaviors
Average Time Spent on Various Mobile Functions, 1/11
Source: AppsFire 1/11
32%
12%
9%
47% 27 minutes telephony• Phone• Skype• Messages
10 minutesWeb/Web Apps
40 minutes• Maps• Games• Social networking• Utilities• more
7 minutesMail app
14
PwC 15
… but risks stifle innovation potential
PwC
Mobile blurs the information perimeter
16
PwC 17
Mobile Malware attacks cause real harm
“The Mobile Malware (MM) revolution started principally in 2004 with the release of the Cabir. A worm, SymbianOS. Some MM were released before this date, but it was Cabir and the release of its source code that caused an explosion of new MM to emerge.”
– Ken Dunham, Mobile Malware Attacks and Defense
Total Mobile Malware Q2 2011
AndroidSymbianJava MEOthers
Ransomware
Financially motivated attacks
Complete device control
Serious attacks emerge
Source: McAffee Threats Report: Second Quarter 2012
PwC 18
“Top three Mobile risks include:1. Data loss from lost, stolen or decommissioned devices.2. Information-stealing mobile malware.3. Data loss and data leakage through poorly written third-party apps.”
Source: Top Threats to Mobile Computing, Cloud Security Alliance, October 2012
PwC 19
Security is an enabler of Mobile Services
PwC
Technology adoption is moving faster than security implementation
Question 14: What process information security safeguards does your organization currently have in place?” (Not all factors shown. Totals do not add up to 100%.)
2 PwC, Consumer privacy: What are consumers willing to share? July 2012
Organizations are struggling to keep pace with the adoption of cloud computing, social networking, mobility, and use of personal devices. 88% of consumers use personal mobile device for both personal and work purposes.2
20
0%
10%
20%
30%
40%
50%
26%
37%
32%
43%
29%
44%
38%
45%
2011 2012
PwC 21
Mobile Security is complicated by multiple factors
Device diversity/complexity
Application explosion
Data explosion
Advanced persistent threats
Data transference inference
PwC
A variety of mechanisms are used to controls Smartphone and tablet risks
Source: Information Security Survey Breaches Report, April 2012, http://www.pwc.co.uk/en_UK/uk/assets/pdf/olpapp/uk-information-security-breaches-survey-technical-report.pdf
No steps taken
Implemented mobile device management(to manage devices remotely over the air)
Implemented strong encryption
Protected corporate email and calendaring
Trained staff on the threats associated with mobile devices
Issued a policy on mobile computing
Defined a security strategy for mobile devices
Allow only corporate devices to remotely connect to the organisation's systems
Do not allow any such devices to remotely connect to the organisation's systems
0 10 20 30 40 50 60 70
Small organizationsLarge organizations
What steps have respondents taken to mitigate the risks associated with staff using smartphones or tablets?
22
PwC
Solutions for managing mobile security challenges are maturing
Network Access
Mobile Device Management
Mobile Enterprise Application Management
Virtual Desktop Infrastructure
Secure Storage
Authentication and Authorization
23
PwC 24
Architecting mobile security is essential for protecting information and creating value
• Deploy mobile services quickly• Improve user experience• Expand partner eco-systems• Embrace mobile users
Grow the business
• Automate security processes• Adopt cloud models• Expanded virtualization–securely• Improve collaboration
Improve efficiency
• Combat mobile threats• Protect sensitive information• Govern mobile solutions• Control access
Protect the business
PwC
Conclusions
Mobile threats are real: While data loss from lost, stolen device remains a top concern, mobile malware is causing real harm
1Cloud and Social Media risks go hand-in-hand: Recognize the risks that arise because mobile drives new behaviors that push users to adopt cloud and social media
2
Not just technology: Consider the governance and process implications of deploying your mobile solution
3Security as an enabler: Position mobile security as an enabler by considering both the consumer and workforce use cases
425
PwC 26
Thank you
© 2012 PricewaterhouseCoopers LLP. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers LLP, which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.
This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisor
Nalneesh Gaur, [email protected]