Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

How information security empowers mobile innovation v3 branded

620 views

Published on

  • Be the first to comment

  • Be the first to like this

How information security empowers mobile innovation v3 branded

  1. 1. www.pwc.comHow informationsecurity empowersmobile innovationInformation security forum23rd annual world congressNov 5th 2012, Chicago5th Nov 2012
  2. 2. Progressive innovation inMobile services is alreadyoccurringPwC 2
  3. 3. Innovation: Agricultural Services to farmers in IndiaThen…wait in line to receiveinformation and subsidiesNow…subsidies andinformation on mobile devicesPwC 3
  4. 4. Innovation: Mobile Services give consumers on-demandaccess to doctorsThen…scheduleappointment/see doctorNow…on-demand access todoctors in minutesPwC 4
  5. 5. Innovation: Mobile improves Pharma sales forceproductivityThen…lengthy physicianvisits, long sample fulfillmenttimes, manual CRMNow…Shorter physician visits,rich media, faster samplefulfillment, digital CRM,ePrescribingPwC 5
  6. 6. Organizations expect more benefits from mobilesolutionsQ: Please select the most important benefit that your organization ultimately expects to gain from current or futuremobile solutions deployments (whether or not you are currently receiving those benefits). Improve/enhance worker productivity Increased sales/revenue Improve field service response time Improve competitive advantage/market share Provide ease of information access Improve customer service Decreased costs Offer employees more flexibility Enhance portability within the office or work environment Speed the sales process Eliminate paperwork Provide perception of an advanced company to customers 0 5 10 15 20 25 30 (% of respondents)Source: IDC’s Mobile Enterprise Software Survey, 2011PwC
  7. 7. Macro mobile trends driveadditional innovations…PwC 7
  8. 8. Smartphone adoption continues upward trajectoryPwC
  9. 9. Global Mobile traffic is growingGlobal mobile traffic as % of total internet traffic, 12/08-5/12Source: StatCounter Global Stats.PwC
  10. 10. IOS, Android and Windows Mobile are top 3Mobile OS platformsSmartphone operating system market share, 2005-2011ESource: Morgan Stanley Research, Gartner.PwC
  11. 11. Mobile application downloads have acceleratedFirst 15 quarters cumulative # of downloads, iTunes music vs. appsSource: KPCB estimates based on Apple data, after Itunes store launch in CQ2:03 as of CQ1:12.PwC
  12. 12. 88% of mobile professionals already use socialnetworks 14% have used cloud computing in the past year 60% leveraging social media platforms to market their businesses 38% spend 11 hours or more on their devicesSource: The Business Journals reveals the business habits of the rising number of SMB mobile professionals, 2011PwC 12
  13. 13. Healthy cloud forecast expected $180 $160 $140 $120 $100Total publiccloud markets $80(US$ billions) $60 $40 $20 $0 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 BPaaS ($) 0.15 0.23 0.35 0.53 0.8 1.26 1.95 2.93 4.28 6 7.66 9.08 10.02 SaaS ($) 5.56 8.09 13.4 21.21 33.09 47.22 63.19 78.43 92.75 105.4 116.3 125.5 132.5 PaaS ($) 0.05 0.12 0.31 0.82 2.08 4.38 7.39 9.8 11.26 11.94 12.15 12.1 11.91 IaaS ($) 0.06 0.24 1.02 2.94 4.99 5.75 5.89 5.82 5.65 5.45 5.23 5.01 4.78 Source: Forrester, April 2011 “Sizing The Cloud” PwC 13
  14. 14. Mobile is shaping new behaviorsAverage Time Spent on Various Mobile Functions, 1/11 12% 40 minutes • Maps • Games • Social networking • Utilities • more 32% 47% 27 minutes telephony • Phone • Skype • Messages 10 minutes Web/Web Apps 9% 7 minutes Mail appSource: AppsFire 1/11PwC 14
  15. 15. … but risks stifleinnovation potentialPwC 15
  16. 16. Mobile blurs the information perimeterPwC 16
  17. 17. Mobile Malware attacks cause real harm “The Mobile Malware (MM) Total Mobile Malware Q2 2011 revolution started principally in 2004 with the release of the Cabir. A Android worm, SymbianOS. Some Symbian MM were released before this Java ME date, but it was Cabir and the Others release of its source code that caused an explosion of new MM to emerge.” – Ken Dunham, Mobile Ransomware Malware Attacks and Defense Complete Financially device Serious motivated control attacks attacks emergeSource: McAffee Threats Report: Second Quarter 2012PwC 17
  18. 18. “Top three Mobile risks include:1. Data loss from lost, stolen or decommissioneddevices.2. Information-stealing mobile malware.3. Data loss and data leakage through poorlywritten third-party apps.”Source: Top Threats to Mobile Computing, Cloud Security Alliance, October 2012PwC 18
  19. 19. Security is an enabler ofMobile ServicesPwC 19
  20. 20. Technology adoption is moving faster thansecurity implementationOrganizations are struggling to keep pace with the adoption of cloudcomputing, social networking, mobility, and use of personal devices.88% of consumers use personal mobile device for both personaland work purposes.250%40% 44% 45% 43% 37% 38%30% 32% 29% 26%20%10% 0% Cloud security strategy Mobile device security Social media security Security strategy for strategy strategy employee use of personal 2011 2012 devices in the enterpriseQuestion 14: What process information security safeguards does your organization currently have in place?” (Not all factors shown. Totals donot add up to 100%.)2 PwC, Consumer privacy: What are consumers willing to share? July 2012PwC 20
  21. 21. Mobile Security is complicated by multiple factors Device diversity/complexityAdvanced persistent threats Data explosion Data transference inference Application explosionPwC 21
  22. 22. A variety of mechanisms are used to controlsSmartphone and tablet risksWhat steps have respondents taken to mitigate the risks associated withstaff using smartphones or tablets? Do not allow any such devices to remotely connect to the organisations systemsAllow only corporate devices to remotely connect to the Small organizations organisations systems Large organizations Defined a security strategy for mobile devices Issued a policy on mobile computing Trained staff on the threats associated with mobile devices Protected corporate email and calendaring Implemented strong encryption Implemented mobile device management(to manage devices remotely over the air) No steps taken 0 10 20 30 40 50 60 70Source: Information Security Survey Breaches Report, April 2012,http://www.pwc.co.uk/en_UK/uk/assets/pdf/olpapp/uk-information-security-breaches-survey-technical-report.pdfPwC 22
  23. 23. Solutions for managing mobile securitychallenges are maturing Network Mobile Device Mobile Access Management Enterprise Application Management Virtual Secure Authentication Desktop Storage and Infrastructure AuthorizationPwC 23
  24. 24. Architecting mobile security is essential forprotecting information and creating value • Deploy mobile services quickly Grow the • Improve user experience business • Expand partner eco-systems • Embrace mobile users • Automate security processes Improve • Adopt cloud models efficiency • Expanded virtualization–securely • Improve collaboration • Combat mobile threats Protect the • Protect sensitive information business • Govern mobile solutions • Control accessPwC 24
  25. 25. Conclusions 1 Mobile threats are real: While data loss from lost, stolen device remains a top concern, mobile malware is causing real harm 2 Cloud and Social Media risks go hand-in- hand: Recognize the risks that arise because mobile drives new behaviors that push users to adopt cloud and social media 3 Not just technology: Consider the governance and process implications of deploying your mobile solution 4 Security as an enabler: Position mobile security as an enabler by considering both the consumer and workforce use casesPwC 25
  26. 26. Thank youNalneesh Gaur, DirectorPwCNalneesh.Gaur@us.pwc.com© 2012 PricewaterhouseCoopers LLP. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopersLLP, which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is aseparate legal entity.This content is for general information purposes only, and should not be used as a substitute for consultation withprofessional advisorPwC 26

×