The Key to Mobile Security: Take the Authentication and Authorization Context into Account
Organizations today understand the need to mitigate risks for corporate systems and information through access via mobile devices. However, the point solutions for MDM (Mobile Device Management) etc. don’t really solve this problem – especially when understanding the bigger picture of Information Security in these days of the Computing Troika, where Cloud Computing, Social Computing, and Mobile Computing are game changers for Information Security. It is about understanding that the way we do authentication and authorization has to change. It is about taking the context into account. How big is the risk, depending on the type of user, the device used, his location, the type of authentication, and all the other contextual information? Is this risk too big to grant access or not? Starting with context not only mitigates mobile security risks, it overall helps mitigating Information Security risks in an increasingly complex world. Thus, risk- and context-based authentication and authorization plus the support for versatility in the open ecosystem of an extended enterprise are key to – not only – mobile security. This session will explain how to move from tactical point solutions towards a strategic approach.
Facing The Future: Identity Opportunities for Mobile Operators
With the advent of 4G/LTE, mobile operators are facing challenges and opportunities that will shape the future direction of communications for at least the next five to ten years. Faced with the erosion of revenues from the rapid encroachment of the so-called OTT (over the top) players, such as Apple, Google and many others, into their traditional market strongholds, operators are coming to the increasing realisation that data – ‘big data’ – represents their most significant asset in terms of being able to provide added value to their customers in the future. A key aspect of this transformation will be how operators are seen to astutely manage the wealth of user data at their disposal to good effect and position themselves as secure identity brokers and/or identity providers in what is already becoming a highly competitive market. This presentation will highlight the challenges facing operators in this brave new world and give examples of how some operators are already addressing the opportunities.