Symantec unveils security assessment tool for mobile devices, apps

By eGov Innovation Editors | Dec 28, 2011

Thumbnail: 

Symantec recently unveiled its Mobile Security Assessment Suite, which  evaluate enterprises' mobile security postures and provides recommendations for the secure deployment of mobile devices and applications.

“When it comes to implementing mobile technology, enterprises are being thrown into the fire,” said Clint Sand, senior director of the Security Business Practice at Symantec. “Enterprises know that security is the main impediment for broader adoption of mobility, but with all the changes in operating systems and applications, IT managers are unclear on how to comprehensively address the security challenges. We want to help these organizations with an assessment of their security posture and make recommendations on the best ways to embrace BYOD.”

Symantec Mobile Security Assessment Suite uses two modules -- one for holistic assessment of enterprise mobile security, and one specifically focused on mobile application security.

The first module evaluates the level of risk inherent in the enterprise use of mobile computing devices, such as the Apple iPhone, iPad, or Android phones and tablets. The assessments provide an understanding of present or anticipated exposure to information security risk likely to result from gaps within the information security programs, policies and processes, based on mobile device use cases and available security controls.

It then evaluates the security of an organization’s custom mobile applications against best practice criteria for mobile application security. The tests provide insight into the ability of an organization’s mobile applications to resist attacks from unauthorized users and to help prevent misuse by valid users.

After completion of the assessments, Symantec delivers a written report showing the high-level analysis and findings, a scorecard illustrating the organization’s mobile security readiness, detailed findings and recommendations, and prioritized action plans for closing any gaps that may exist.

Enterprises can use the final report to formalize their mobile strategies and deployment plans around mobile device management, mobile data loss prevention, mobile encryption, mobile anti-virus and mobile authentication.