With more data than ever being generated by mobile computing devices, securing that information has become a major challenge for IT organizations that often don’t control either the endpoint or even the network being used to transmit data.
At the RSA Security 2016 conference today, Hewlett-Packard Enterprise (HPE) moved to address that issue with the release of HPE SecureData Mobile, a solution that extends HPE encryption software to devices running Apple iOS and Google Android operating systems.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=iChandra Rangan, vice president of marketing for HPE Security, says that given the lack of control most IT organizations have over mobile computing, it’s imperative that they find a way to encrypt data both when it’s at rest and in motion. In fact, a scan of 36,000 Apple iOS and Google Android devices conducted by HPE found that many of these applications routinely collect geolocation and calendar data. That information, notes Rangan, can in turn be used by hackers to enable all kinds of socially engineered attacks. In fact, the desire to get at that data helps explain why in 2015 there were 10,000 new Android threats discovered each day. And while Apple iOS devices benefit from being on a closed network, the number of malware exploits aimed at Apple iOS rose 230 percent in 2015.
While there’s no shortage of ways to encrypt data, Rangan says, IT organizations need a single tokenization method for managing all the keys that make encryption a challenge to cost-effectively employ. For that reason, HP in 2015 acquired Voltage Security.
Obviously, not every piece of data may need to be encrypted. But managing multiple types of encryption schemes becomes a major headache that winds up limiting usage of encryption inside many organizations. For that reason, HPE this week also announced it has created a HPE Cyber Reference Architecture spanning 12 domains and 63 sub-domains that is intended to make it simpler to deploy 350 distinct IT security functions.
HPE also announced that it has added automated security alerting services, security investigation and response, attacker profiling and user behavior and malware analytics capabilities to the HPE ArcSight security information event management platform along with integrations with products from Aruba Networks, a unit of HPE, vArmour and Fortinet.
Of course, thanks to the ongoing controversy over encryption between Apple and the Federal Bureau of Investigation (FBI), awareness of encryption has never been higher. Regardless of how that particular battle ultimately plays out, increased usage of encryption as a default mechanism for securing data in a mobile world is more than likely about to become a new norm for all.