You are here: Home > News > Article
Home
Business & Finance
News
U.S.
Politics
International
Technology
Entertainment
Sports
Lifestyle
Oddly Enough
Health
Science
Special Coverage
Video
Pictures
Your View
The Great Debate
Blogs
Weather
Reader Feedback
Do More With Reuters
RSSRSS Feed
Widgets
Mobile
Podcasts
Newsletters
Your View
Partner Services
CareerBuilder
Affiliate Network
Professional Products
Support (Customer Zone)
Reuters Media
Financial Products
About Thomson Reuters

Compliance Research Group Outlines New Security Model for Much-Needed Mobile Device...

Wed Sep 16, 2009 11:46am EDT
 
[-] Text [+] 
Compliance Research Group Outlines New Security Model for Much-Needed Mobile
Device Compliance
The DUST Model - Devices, Users, Sessions, Transactions - provides useful
guidelines for complete wireless security for corporate IT and vendor
community

DENVER, Sept. 16 /PRNewswire/ -- Compliance Research Group (CRG), an industry
analyst firm focused on IT risk management and compliance, has developed a new
mobile security model to help organizations define and manage compliance
requirements for wireless devices and services. Coined the "DUST Model for
Managing the Risk to Enterprise Mobility," this practical set of guidelines
provides an end-to-end model for the compliance practices and security
technologies needed to support growing remote smartphone access to enterprise
computing networks. CRG analysts outline a mix of new and traditional methods
and technologies to properly secure and manage originating smartphone devices,
users and sessions, and the transactions performed at sensitive destinations.

A free CRG Research Brief on the DUST Model is at: 
http://www.complianceresearchgroup.com/pages/Download-Research.html

"Compliance and security for mobile networks has not evolved significantly
from the early consumer adopter stage," said Mark Willoughby, principal and
lead analyst at CRG.  "Rapid growth in enterprise smartphone usage, with
wireless access to sensitive information in the cloud, will require new
methods to effectively plan, deploy and operate wireless compliance and
security.  CRG's DUST Model for mobile compliance and security provides a
framework for planning, deploying and managing large scale smartphone access
to sensitive corporate and personal information."

The DUST Model for mobile compliance and security addresses secure wireless:
    --  Devices - to protect the confidentiality of sensitive information on
        originating wireless platforms and provides a trusted platform for
data
        integrity
    --  Users - so the risk posed by properly authenticated users can be
        considered in granting access to devices and sensitive confidential
        information in sessions
    --  Sessions - to provide confidentiality and availability of wireless
        transmissions from the originator to destinations processing and
storing
        sensitive confidential information

    --  Transactions - performed with sensitive enterprise information, to
        assure that only authorized users are initiating actions, with
        availability and non-repudiation when required



The DUST Model for mobile compliance and security prescribes layered security
for smartphone devices coupled with new types of dynamic user authentication
that manages risk-based thresholds based on the sensitivity of the requested
resource.  It outlines how new types of secured sessions must support
traditional voice, VOIP and data over optimized and secure VPNs from the same
originating device. In addition, transactions containing sensitive information
are assured with trusted device foundations, users authenticated with dynamic
risk-based methods and secure sessions.

The DUST Model for mobile compliance and security is best managed from a
top-down cloud perspective to correlate device and user actions with session
attributes and transactions across a wide scale.  "The new DUST Model is the
first end-to-end prescription for securing rapidly expanding mobile computing.
 The model will help vendors and businesses better manage the complex issues
of compliance and security for smartphones, which soon will outnumber
traditional wired computers."

About Compliance Research Group
Compliance Research Group (www.complianceresearchgroup.com) is a Denver-based
analyst firm offering custom risk management research and marketing guidance
to the IT, security and compliance community. The firm's principal analysts
have decades of experience developing IT security strategies and consulting
with enterprise IT organizations and solutions providers.



SOURCE  Compliance Research Group

Mark Willoughby of Compliance Research Group, +1-303-552-7936,
mwilloughby@complianceresearchgroup.com

 

Featured Broker sponsored link

Editor's Choice

British artist David Hockney poses for photographers at Tate Britain in LondonSlideshowSlideshow 

A selection of our best photos from the past 24 hours.  Slideshow 

Most Popular on Reuters

  • Articles
  • Video