Enterprise Security in a mobile-first world does not stop at the device

Mobile technology has come incredibly far over the past few years, from smartphones and tablet computers being a luxury to becoming an essential tool for the enterprise, fundamentally changing how we do business. This transformation provided the backdrop for Gigaom’s recent Webinar Evolving Enterprise Security for the Mobile-First World.
As we discussed, mobile security has lagged behind the way we now use such devices, which have moved significantly beyond email to offering a wide range of complex functions. At least until now, as considerable strides have been made to secure the data and services that can now be delivered.
But security does not stop at the device. Speaking to Sam Phillips, Samsung USA’s Chief Information Security Officer and VP of Samsung Business Services for Enterprise Security, it became clear that while the features now available provide a robust foundation for mobile security, they should not be treated in isolation.
We are working in a mobile-first world. Many organisations see mobile technologies as a source of innovation, of new business models and growth. Quite rightly so, as they hold a great deal of promise for both externally facing and operational tasks, for suppliers and customers, for support engineers and warehouse managers.
The theme ‘security as a business enabler’ has evolved from its past, internally-facing beginnings. Where good security once reduced risk, enabling better business by freeing sales representatives or supporting home workers, today security has become an essential part of the trust all stakeholders place in an organisation.
In the platform economy, where a company is perceived through the services it offers online and via mobile, trust becomes a most important asset.  Lose this trust and you lose business, as many organisations have found out to their cost.
As a result, we discussed, mobile security becomes both a strategic business imperative and tangible opportunity. This is recognised across the business, but adoption can sometimes happen without the basics being in place. “Business adoption of Mobile has gotten ahead of CISOs and the CIOs they work with,” says Sam.
The mobile security mechanisms now available on devices, coupled with the services available from a variety of partners, enable mobile services to be locked down or opened up, depending on data to be transferred and apps to be installed.
While this gives organisations the flexibility to create secure mobile solutions to fit their own needs, it emphasises a key element of any mobile strategy. “Businesses need to decide what they really want to do with mobile,” explains Sam. With no one-size-fits-all, so organisations first need to understand what the data and apps are to achieve.
This means more than aligning mobile strategy with business strategy. In reality, mobile becomes a fundamental element of the business models required in today’s increasingly digital world, and therefore needs to be treated as such.
Understanding this, and getting the basics right in terms of securing the mobile assets of the business, implementing a secure development life cycle for apps and so on, ensures mobile can become a powerful platform for business model innovation and enterprise transformation. The alternative means building a castle on sand.
It remains to be seen how far mobile will go in the next five years, but it will only become a more embedded element of our business and personal lives. As it moves from an extension of the enterprise to an intrinsic part, getting the right pieces in place now will stand a firm in good stead for the future.