Sanjaya Krishna, Principal and Digital Risk Consulting Leader, KPMG in the US
Adding real-time location information to security services offers security leaders greater context which, in turn, contributes to the robustness of decision making. Given that the industry is only just beginning to realize the potential of location-based security services, the area promises to be a strong growth market for those able to bring effective solutions to market.
With many IT departments struggling to keep pace with internal demand for new mobile applications, there is a growing need for technology service providers that are able to integrate mobile applications into enterprise back-end services through a standard set of APIs (application programming interface), SDK (software development kit) or app-wrapping service. While the technologies are still in early stages – some are adopted as general purpose application development platforms while others are used more narrowly as a security mechanism deployed with a Mobile Device Management solution.
Many companies face a tremendous challenge trying to externalize their corporate content and data, especially when security is a concern. Forrester sees the emergence of “secure enclave” content service providers that have the ability to offer separately hardened, separately certified, and vertically focused content services for confidential and critical business content.
Companies looking to effectively segregate corporate content from personal data have few options today. Device or app virtualization technologies look to fill this gap by providing virtual segregation, deployment flexibility, and seamless user experience. Device and app virtualization are especially attractive to organizations with stringent security requirements that still want to take advantage of enterprise mobility and BYOD, as well as to countries with strict privacy laws and regulations.
Just as chip makers Qualcomm and NVIDIA are teaming up with ARM to offer TrustZone-based SecureOS for DRM (Digital rights management) operations and high risk transactional applications, there is room for other hardware based security innovations, such as general purpose secure co-processors, and those that support encryption and biometrics, to add trust and verifiability in the mobile transaction value chain.