Increasing levels of cyber crime, numerous regulatory and compliance requirements, and an explosion in usage of consumer devices and applications in the workplace will drive organisational investments in security solutions in 2011, according to Unisys security experts.
Unisys predicts that 2011 will likely see increased investments in biometrics-based protection of mobile devices, token-based encryption for sensitive transactions, port worker identification systems, business continuity planning and geographic-based security access systems.
“The consumerisation of IT trend presents a double-edged sword,” said Patricia Titus, chief information security officer at Unisys. “On one hand, ready access to popular devices and technologies gives consumers and employees a level of convenience and productivity they’ve never had before. On the other hand, security officers and professionals now must figure out how to address the new security challenges that arise as hundreds or thousands of these new devices and their associated applications are introduced into the enterprise infrastructure.”
Unisys believes the following security trends will emerge in 2011 as organisations respond to the evolving threat landscape:
1. Increased focus on consumer device security policy – The consumerisation of IT trend has created vulnerabilities in organisations’ network perimeters. A recent Unisys-sponsored study revealed that tech-savvy information workers are blurring the lines between work and home in their use of consumer devices, and that employers don’t seem to have an accurate understanding of what technologies their employees are using in the workplace.
To deal with this threat, in the coming year Unisys expects organisations to reassess and extend their security policies beyond the physical edges of the enterprise network to secure employees’ use of mobile devices. Such policy changes will likely focus on authenticating the identities of device users and encrypting enterprise data as it traverses the network.
2. Biometric enablement of mobile devices – Related to this challenge, Unisys predicts that 2011 will see increased usage of biometrics to help secure usage of mobile devices. Recent Unisys Security Index research showed that while many consumers are taking proactive steps to protect themselves against cyber crime and identity theft, only slightly more than a third of Internet users in the U.S. regularly use and update passwords on their mobile devices.
Unisys expects biometrics such as facial image or voice verification to be increasingly used in 2011 to verify the identities of mobile device users, in addition to the more traditional user ID or password. In addition, Unisys expects the use of token-based encryption to increase to authenticate mobile device transactions such as high-value Internet purchases. Examples around the world include smart cards to combat payment fraud and facial image or voice recognition verification through cell phones.
3. Port worker ID programs – Following recent terrorist incidents involving air cargo, Unisys predicts a greater focus by U.S. government authorities in 2011 on effective ways to secure shipments entering the country and to verify the identities of authorised personnel in restricted areas of maritime ports.
With 90 percent of the world’s trade transported by sea and terrorist threats on the rise, U.S. port security initiatives could be accelerated in the coming year with maritime ports increasingly adopting biometric-based identity and credentialing solutions. This could include a new wave of implementations of Transportation Worker Identification Credential (TWIC) programmes fueled by new government mandates for the programme and the success of TWIC field tests of integrated biometrics systems, such as at the Port of Los Angeles.
4. Business continuity planning as a defence against cyber attacks – Recent cyber attacks have resulted in highly publicised server outages that have shut down internet access in government, academia and the private sector.
With dependence on internet communication continuing to grow, Unisys security experts predict an increasing interest in business continuity planning in 2011 as organisations work to ensure they can conduct critical business in the event of a cyber attack. Unisys expects enterprises to invest more in alternative paths such as automatic re-routing of communications from voice-over-IP to cellular or satellite for critical communications in the event of an internet outage.
5. Location-based security – In 2011 Unisys predicts that organisations will begin to exploit location-based technologies such as global positioning systems as a means of securing employee access to sensitive enterprise data and systems.
Through use of these advanced technologies, IT managers can monitor in real-time the locations of employees and limit or disable their ability to access sensitive information or conduct sensitive transactions in high-risk areas such as public spaces. Use of such advanced location-based solutions can also allow organisations to better track staff deployed overseas and to account for their location in the event of a security incident.