Back to the main page
Q&A: Oracle's Lee Howarth on Mobile Device Management, Mobile Application Management, and the Future of Mobile Security
Companies around the globe are embracing mobile technologies as a key business enabler. However, the rapid proliferation of both mobile technologies and potential threats makes mobile security one of the most urgent—and complex—challenges IT organizations face today.
To better understand the challenges and gain insight into Oracle's recently announced acquisition of Bitzer Mobile, we turned to Lee Howarth, Oracle’s senior principal product manager for access management solutions.
Q. Briefly outline the kinds of security challenges that accompany the widespread adoption of mobile technologies.
A. Mobile definitely ups the ante when it comes to security. The risks are multiplied, whether you are talking about sensitive data at rest on the mobile device or data moving across networks. You have to be able to lock or wipe devices that are lost or stolen. You have to defend against jailbreak techniques. With the advent of bring-your-own-device (BYOD) policies, you must be able to wipe data on devices after an employee leaves an organization. And of course there is the complexity of managing all these things on a burgeoning number of devices, operating systems, etc.
Q. Increasingly, companies must secure not just one laptop but also smartphones, tablet computers, and so on—sometimes four or more devices per user. How does this change the equation?
A. Again, multiple devices per user makes security that much more challenging. Of course, you must be able to manage all those devices equally. That means you need to be able associate all the devices to a single user while ensuring a coherent set of registration requirements, plus any additional levels of authentication. To make that happen, you need a centralized, service-oriented approach. And again with BYOD, you need to ensure this approach works across many different kinds of devices and operating systems.
Q. Briefly describe the mobile device management model. Is it up to the task?
A. The mobile device management model has evolved to include a lot of different technologies. First, it was limited to the device itself. Eventually it grew to include authentication to back-end systems. And now, BYOD is stretching the mobile device management model to the limit. More recently we have seen the advent of mobile application management, which focuses not on securing the device itself but on securing the applications running on the device.
To complement security at the application level, we have also seen the rising importance of a container approach, which involves partitioning enterprise data on BYOD devices into a segregated container with its own set of security policies.
Q. How can IT and security leaders help shape the culture around the use of mobile devices, especially the use of personal devices for work-related tasks?
A. Above all, mobile security must be seen as an enterprisewide issue, as opposed to a problem that each team working on individual mobile applications solves for themselves. A holistic view is a must—one that involves conversations that take place across departments and disciplines.
Q. What is unique about Oracle's approach in meeting these challenges?
A. Oracle is unique in being able to deliver a comprehensive, integrated set of solutions for a truly holistic approach to mobile security. We provide industry-leading data encryption technology, a comprehensive approach to authentication, single sign-on, and other traditional aspects of identity management. And now, with the acquisition of Bitzer Mobile, Oracle is adding the potential for an additional layer of security that takes advantage of the container approach.
Find out more about Oracle’s mobile and social access service.
Read about Oracle and Bitzer Mobile.
This content is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.