Multi Channel Architecture & Securing The Mobile Channel - by Ricardo Diaz
By Greg Jensen on Mar 26, 2014
Multi-Channel Architecture (MCA) projects are trans-formative business trends brought on by I.T. modernization initiatives across industries. As these customer, partner, vendor or employee channel's technology evolve to meet today's new business opportunities, security and privacy risks have never been greater. Especially, the Mobile Channel.
Let's look at one of my favorite industry's multi-channel architectures, BANKING, and why securing the mobile channel is a quickly becoming a priority for businesses globally.
A banks channels, ATM, Branches, Online, IVR, POS, PSE and Mobile, all need air tight information protection policy and rock solid security/privacy controls. The Mobile channel on the surface, looms as the 800 pound gorilla in the room with many bank enterprise security architects because mobile security, to many, is so new. In reality, with he right technology partner it doesn’t have to be.
One of interesting and risky trend I noticed working with Colombia, Mexico and Australia banks and their MCA projects is where the mobile application development group sits in the enterprise org. These critical development teams were sitting outside of I.T. ! NO governance. Weak security. They did this to speed the development process of their apps. I get it but this is a good example of what probably is more common than you'd think when it comes to the risks of mobile application development. So is bringing these development teams under the I.T. umbrella going to secure their apps? Not necessarily but his type of security challenge highlights the need for not just a good mobile security solution but one that isn't bound by organizational or political barriers. All these MCA Banking projects had this challenge as a key business driver for a robust secure mobile channel. Take a look INSIDE your organization. Is security ubiquitous within your mobile business channel? Are short cuts being taken to speed up development and meet business demand? Can you extend your enterprise security policy to these mobile devices if these apps were not built to your corporate enterprise architecture or security standard?
In the next GSS blog, we will highlight how the MDM/MAM space has evolved and why these technologies are part of the mobile security answer but not the final answer.