Research: Consumerization Of IT Will Drive Investments In Remote, Mobile Security
Increasing levels of cyber crime, numerous regulatory and compliance requirements, and an explosion in usage of consumer devices and applications in the workplace will drive organizational investments in security solutions in 2011, according to Unisys security experts.
Unisys predicts that 2011 will likely see increased investments in biometrics-based protection of mobile devices, token-based encryption for sensitive transactions, port worker identification systems, business continuity planning, and geographic-based security access systems.
"The consumerization of IT trend presents a double-edged sword," said Patricia Titus, chief information security officer at Unisys. "On one hand, ready access to popular devices and technologies gives consumers and employees a level of convenience and productivity they've never had before. On the other hand, security officers and professionals now must figure out how to address the new security challenges that arise as hundreds or thousands of these new devices and their associated applications are introduced into the enterprise infrastructure."
Unisys believes the following security trends will emerge in 2011 as organizations respond to the evolving threat landscape:
1. Increased focus on consumer device security policy -- The consumerization of IT trend has created vulnerabilities in organizations' network perimeters. A recent Unisys-sponsored study revealed that tech-savvy information workers are blurring the lines between work and home in their use of consumer devices, and that employers don't seem to have an accurate understanding of what technologies their employees are using in the workplace.
To deal with this threat, in the coming year Unisys expects organizations to reassess and extend their security policies beyond the physical edges of the enterprise network to secure employees' use of mobile devices. Such policy changes will likely focus on authenticating the identities of device users and encrypting enterprise data as it traverses the network.
2. Biometric enablement of mobile devices -- Related to this challenge, Unisys predicts that 2011 will see increased usage of biometrics to help secure usage of mobile devices. Recent Unisys Security Index research showed that while many consumers are taking proactive steps to protect themselves against cyber crime and identity theft, only slightly more than a third of Internet users in the U.S. regularly use and update passwords on their mobile devices.
Unisys expects biometrics such as facial image or voice verification to be increasingly used in 2011 to verify the identities of mobile device users, in addition to the more traditional user ID or password. In addition, Unisys expects the use of token-based encryption to increase to authenticate mobile device transactions such as high-value Internet purchases. Examples around the world include smart cards to combat payment fraud and facial image or voice recognition verification through cell phones.
3. Port worker ID programs -- Following recent terrorist incidents involving air cargo, Unisys predicts a greater focus by U.S. government authorities in 2011 on effective ways to secure shipments entering the country and to verify the identities of authorized personnel in restricted areas of maritime ports.
With 90 percent of the world's trade transported by sea and terrorist threats on the rise, U.S. port security initiatives could be accelerated in the coming year with maritime ports increasingly adopting biometric-based identity and credentialing solutions. This could include a new wave of implementations of Transportation Worker Identification Credential (TWIC) programs fueled by new government mandates for the program and the success of TWIC field tests of integrated biometrics systems, such as at the Port of Los Angeles.
4. Business continuity planning as a defense against cyber attacks -- Recent cyber attacks have resulted in highly publicized server outages that have shut down Internet access in government, academia and the private sector.
With dependence on Internet communication continuing to grow, Unisys security experts predict an increasing interest in business continuity planning in 2011 as organizations work to ensure they can conduct critical business in the event of a cyber attack. Unisys expects enterprises to invest more in alternative paths such as automatic re-routing of communications from voice-over-IP to cellular or satellite for critical communications in the event of an Internet outage.
5. Location-based security -- In 2011 Unisys predicts that organizations will begin to exploit location-based technologies such as global positioning systems as a means of securing employee access to sensitive enterprise data and systems.
Through use of these advanced technologies, IT managers can monitor in real-time the locations of employees and limit or disable their ability to access sensitive information or conduct sensitive transactions in high-risk areas such as public spaces. Use of such advanced location-based solutions can also allow organizations to better track staff deployed overseas and to account for their location in the event of a security incident.