Posted by: Tony Bradley
data protection, mobile security, Voltage Security
Voltage Security, today announced Voltage Security Mobile Plus, the company’s comprehensive initiative to extend its existing mobile security solutions to protect the new generation of mobile devices, applications and data. Driven by the massive global consumption of mobile devices, and the recent dramatic adoption of tablet computers by the broader workforce, Voltage is building on its leadership in data-centric protection for business-critical sensitive data, wherever it is and wherever it might go.
According to Forrester Research, “Mobility will drive new data-killing initiatives. The advent of the extended enterprise and the ease of accessing corporate information anytime, anywhere, and on any device will create new pressures on security teams to encrypt data. Mobile devices are easy to lose and easy to steal. Enterprise-level encryption is the best hope for securing data on these devices.” (Ref: “Killing Data”; report issued by Forrester Research, Inc. January 30, 2012.)
“The Voltage Security Mobile Plus initiative builds on our leadership in delivering data-centric encryption to the largest companies in the world,” said Mark Bower, vice president of product management at Voltage Security. “We are taking our expertise in data-centric security, and our encryption and key management leadership, and building a comprehensive set of data-centric mobile security solutions for email, files, data and payments security.”
Current mobile security solutions focus on creating boundaries within the devices where data can be stored and accessed. When encryption is used, it is typically non-user friendly, non-application specific, lacking granular policy controls and relying on antiquated key management that requires massive investment to scale.
With Voltage, the data itself is protected so that it can move between applications and devices without disrupting existing processes and user experience. Voltage solutions use Voltage Identity-Based Encryption™ (IBE) to deliver simplified stateless key management, scalable to millions of users with minimal overhead investment. Voltage IBE is proven as the foundation of Voltage SecureMail™, one of the most widely-used secure email solutions globally, with roughly 50 million users worldwide and approximately one billion IBE secured business emails sent in 2011.
Voltage Format-Preserving Encryption™ (FPE) is a widely-adopted Voltage technology for protecting sensitive information at the data level, while permitting applications to function with that data in the cloud or on mobile devices. This data-centric information protection technique is already in use in numerous global enterprise data protection deployments and with leading cloud-based payment processors. Voltage is now extending it to mobile payments.
Voltage Security Mobile Plus initiative
The Voltage Security Mobile Plus initiative will protect mobile data in the following ways:
· Protect emails accessed by mobile devices:
By providing granular data security policy control to internal and external messages, 100% push secure email, comprehensive user authentication, and a non-disruptive user experience, Voltage will provide new levels of email mobile security. The first product with this capability is targeted for Q2 2012 release.
“We have long been a pioneer in providing mobile email security solutions. Very early on we integrated our award-winning Voltage SecureMail with the Blackberry Enterprise Server (BES) and now many of the world’s largest firms rely on it every day—firms sending secure emails to millions of recipients,” said Bower. “Our ever-expanding global customer base includes many of the world’s largest banking, telecom and healthcare organizations.”
· Protecting sensitive business data and files:
Protecting sensitive data in files, databases and applications is becoming an even bigger challenge for enterprises with the adoption of cloud storage for streamlined collaboration. The natural pairing of mobile devices — especially tablets — to cloud services puts even more data at risk. The Voltage Security Mobile Plus initiative will extend the data-centric approach already protecting unstructured and structured data from the desktop to the mobile device. A seamless user experience is enabled by Voltage’s unique IBE technology by removing complex key management, while Voltage FPE provides end-to-end data encryption while enabling full use of the protected data in business processes and applications. Whether it’s PCI regulated data or sensitive personal information, the issues are the same; if it’s not protected, it’s at risk of compromise. The Voltage SecureData and Voltage SecureFile solutions address this risk with mobile capabilities planned for later in 2012.
“We have seen plenty of FUD (Fear, Uncertainty, and Doubt) about mobile security. And the concern isn’t totally misplaced. Those crazy users bring their own devices (yes, the consumerization buzzword) and connect them to your networks. They access your critical data and take that data with them. They lose their devices (or resell them, too often with data still on them), or download compromised apps from an app store, and those devices wreak havoc on your environment. Let’s call this situation what is: escalating anarchy,” wrote Mike Rothman, president of Securosis in a recent blog post1. “Many organizations use MDM to enforce configuration policies, ensuring they can wipe devices remotely and routing traffic device traffic through a corporate VPN. MDM provides an essential set of security and management controls. But it’s clearly not a panacea, so you need broader capabilities to bridge this mobile security gap.”
· Protecting transaction data captured at any new mobile payment method/device:
Within the Voltage Security Mobile Plus initiative, Voltage SecureData Payments is available and shipping on an immediate basis for implementation in most mobile payment devices. The Voltage SecureData Payments POS SDK provides end-to-end encryption to reduce PCI scope and merchant risk. Already adopted by six of the largest payment processors in the world and leading payment device manufacturers, Voltage SecureData Payments is the choice of large and small merchants to reduce PCI costs and audit scope without the complexity of legacy approaches.
Voltage SecureData Web, also available now, secures desktop and mobile web e-commerce payments for card-not-present transactions, end-to-end, from browser to acquirer. Voltage SecureData Web reduces PCI audit scope and breach risk, and provides major benefits to merchants embracing a secure and seamless customer shopping experience.
“Elavon takes a comprehensive approach in helping our merchant customers protect cardholder data at every point in the transaction lifecycle: in use, in motion and at rest,” said Rob McMillon, vice president, Global Security Solutions, Elavon. “Extending the data-centric encryption model to mobile devices addresses that critical need, and further helps businesses mitigate the costs and complexities associated with PCI compliance validation.”
“Voltage technology is already integrated with Ingenico’s Telium platform. Our customers enjoy the security and ease-of-use in our devices. Now that we are adding mobile solutions to our product lines, the integration of Voltage Security’s payments toolkit on mobile devices offers some of the most secure mobile payments options to merchants. A data-centric approach to payments security is a win-win for reducing risk and audit scope, which is essential in mobile data security,” said Greg Boardman, senior vice president, Products and Development, Ingenico.
For more information on the Voltage Security Mobile Plus initiative and Voltage mobile solutions, please go to www.voltage.com.