Future Shock: How mobility is forcing enterprises to completely rethink security
No single change in enterprise computing will have a greater impact on end-user security than the rapid adoption of mobile devices. Users are increasingly working outside of the office, doing so on smartphones and tablets. Despite this fact, the majority of enterprises continue to employ traditional security solutions that rely on appliances or host based software - solutions that cannot consistently inspect mobile traffic and are often not permitted to run on mobile ecosystems. Enterprises need to completely rethink their approach to end user security in this new paradigm.
At the same time, we are experiencing an explosion in mobile app development that is eclipsing even the extraordinary growth seen for web applications during the Internet boom. Just as we then faced many 'low hanging fruit' vulnerabilities in web applications, we are now witnessing many hastily developed mobile apps without sufficient QA, that are exposing users to security and privacy risks. This is especially concerning given the distribution model for mobile apps where 'app store gatekeepers' could play a crucial role in filtering out risky apps but are falling well short in their efforts to do so.
Zscaler ThreatLabZ has spent considerable time researching security and privacy risks in mobile applications. That research recently culminated in the release of ZAP (Zscaler Application Profiler), a web based tool designed to empower users to identify mobile apps exposing them to security and privacy risks. In this talk, we'll detail ZAP, reveal our findings and share our thoughts on how enterprises should rethink security in this new paradigm.
Want to hear more? Join us at Comsec annual event, October 24th, 2012 @ Hotel Crown Plaza Azrieli Tel-Aviv, Israel.