Offering SaaS for securing mobile devices

Intelligent mobile devices are revolutionizing the way remote users connect to their business, and thus are presenting unique security opportunities for solution providers.

    Requires Free Membership to View

Blackberrys, iPhones, and the emerging category of promising Mobile Internet Devices (MIDs) are exploding in popularity, fueled by the availability of easy-to-use application interfaces to access information (both business and personal) in non-traditional ways.

Solution providers would be wise to monetize their networking infrastructure experience by helping customers secure their mobile devices. Security Software as a Service (SaaS) opportunities exist for small and medium business markets that need to secure the professional use of personal devices. Ideas for security-related revenue include innovative approaches to configuration administration, secure remote access, compliance auditing and application delivery.

Solution providers already have phenomenal networking expertise, advanced data center hosting capabilities, granular billing systems and an installed base of loyal customers that would like to do more with network applications if security concerns can be addressed. Service providers have experience provisioning a wide-variety of applications in the data center and in securing those applications from the data center through the network. There are many ways to capitalize on these technical infrastructure and customer relationship advantages to reduce customers' mobile device security headaches and produce security-service revenues at the same time. Here are a few simple approaches to get started:

  • Use off-peak hours to automate routine configuration administration on devices. Mobile devices are always connected to the network. Alcatel-Lucent markets a wireless card for laptops that transparently provides application upgrades and patches. The same concept can be applied as a service to maintain mobile device configurations, backup/recover data (especially the contact list!), erase data from all temporary storage locations, and quickly disable a device that is reported lost. This keeps mobile devices up and running to conduct business during normal office hours, and enables IT's mobile device concerns to be addressed quickly and properly.
  • Provide vetted applications via a storefront. Users want to download application interfaces for business productivity (and gaming pleasure) that come from trusted sources and have been checked for security problems. Apple has defined the delivery model here, and Citrix has used the storefront look and feel to make it easy for IT to deliver supported applications to end-user endpoints. These applications will need to be checked and updated for security fixes and new application features. Verizon, for example, charges $5.99 per month for a suite of endpoint security software, but with the right partners they can also drive revenue by delivering secure applications.
  • Suggest two-factor authentication for secure remote access. Business users frequently use a security token when accessing the corporate network from their mobile devices via a VPN. Safely storing a key in the device can turn the device into a two-factor authenticator with installed secure remote access software, such as authentication token products by FireID S.A. and iEnigma from Charismathics GmbH. The solution provider offers the authentication security service while the customer saves the expenses and management headaches associated with security tokens.
  • Offer content-aware audit services for compliance. The solution provider sees all application traffic. Assuming privacy concerns can be resolved, this type of service could optionally record traffic from designated applications, inspect content for sensitive data, erase all sensitive data upon application exit, and append a comprehensive compliance report for remote device usage to the monthly invoice.

Remember, focusing on SMB customers keeps it simple and provides solutions the customer is unlikely to build for itself (large enterprises, conversely, have significant infrastructure and labor resources and are willing to create and implement their own customized technology to maintain control). Fortunately, service cost and ease of use trumps complicated product features when selling to SMBs, allowing solution providers to quickly test security SaaS offerings for mobile devices.

About the author:
Eric Ogren is founder and principal analyst of the Ogren Group, which provides industry analyst services for vendors focusing on virtualization and security. Prior to founding the Ogren Group, Eric served as a security industry analyst for the Yankee Group and ESG. Ogren has also served as vice president of marketing at security startups Okena, Sequation and Tizor. He can be reached by sending an email to eric@ogrengroup.com.

This was first published in July 2009

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.