Financial transactions on smart phones and other mobile devices aren't only becoming more popular with consumers, they are also becoming bigger targets for cyberthieves, says Alan Dabbiere, chairman of AirWatch, an enterprise mobile device management vendor.
Authentication and a layered approach are increasingly critical for securing these mobile financial transactions, Dabbiere says in an exclusive Executive Sessions interview with Information Security Media Group.
For financial services companies to secure mobile transactions, "they've got to go on a much more open environment and make sure they authenticate that you are who you say you are. We believe the mobile phone and the technology it contains is going to become a primary driver of technology to identify [and authenticate] the consumer," says Dabbiere, who has more than 20 years of mobile security experience and holds several technology patents.
In the meantime, some companies are taking an counter-productive approach to mobile security, Dabbiere argues. "We've seen so many companies putting so many constraints around the devices that instead of taking a step forward they're really taking two steps backwards. It's like managing water - you can put up levies and control where the water goes, but the minute you try to block water and there's a rainstorm, you're going to have a flood. With mobile devices you cannot compromise the user experience at the same time you're providing security to these devices," Dabbiere says.
"Securing monetary transactions on mobile devices is not dissimilar to securing other data on mobile devices," he says. "It still gets back to securing the device, securing the transaction with its own set of nuances. Clearly in enterprise mobility you have some control over the phone. [However], very often, the credit card company or the financial transaction company does not have control over that device."
Complicating matters even more, he notes, "there's a new mobile operating system every 15 days. It's creating its own new set of risks. The ubiquity of the mobile phone, the dual-use case, the data that's being pushed out, and even the concept of data management on phones is a little different than it was historically on PCs."
In this interview, Dabbiere also discusses:
- How the concept of mobile device management is evolving to mobile risk management and enterprise mobility management;
- Why mobile security is challenging across all business sectors;
- Common mistakes organizations make in securing their mobile devices and data.
As chairman of AirWatch, a unit of cloud infrastructure and virtualization vendor VMware, Dabbiere drives the enterprise mobility management provider's vision, direction and growth plans. Dabbiere's resume also includes holding patents in supply chain, logistics and enterprise mobility software. Dabbiere previously founded Manhattan Associates, a supply chain execution software company, where he served as president and CEO from 1990 through 1999. He serves on the board of directors for the Technology Association of Georgia, the Metro Atlanta Chamber of Commerce and PrimeRevenue, an Atlanta-based supply chain finance company.