Maintaining security while providing mobile workers with access to the information they need, when and where they need it, is complex. This white paper helps you understand the risks associated with mobile applications, handhelds and wireless networks—then shows you how Good Mobile Messaging helps you address these issues.
WHITE PAPER
Good Architecture and Security
White PaperGood Architecture and Security White Paper2007
CONTENTS
Motorola Good Technology Group 1 IntroductionPhone: 866-7-BE-GOOD 3 Good System OverviewOnline: www.motorola.com/good 8 Good Security Architecture14 Good Over-the-Air (OTA) Management Architecture17 ConclusionGood Architecture and Security White Paper2007
INTRODUCTION
THE WIRELESS REVOLUTION IS HEREExecutives and professional ? eld forces are spending more time on the road doing business. These mobile professionals must be readily accessible to customers, partners and co-workers. In the past, this required that they carry laptops and use cumbersome and expensive remote-access systems such as Virtual Private Networks (VPNs). Today, advances in handheld and network technology mean that laptops are no longer needed for secure wireless access to e-mail and other mission-critical enterprise systems.No longer just a luxury for top executives, mobile technology has become a necessity for ? eld Motorola Good Technology Group forces. Mobile access to enterprise information systems drives productivity and ef? ciency. Handheld mobile applications are changing the way that companies, employees and customers Phone: 866-7-BE-GOOD conduct business. These technologies can improve business processes in sales, service, marketing Online: www.motorola.com/good and logistics, yielding substantial ROI.
THE SECURITY CHALLENGE For all the promise of these new technologies, security is the Achilles' heel of the mobile revolution and must be addressed before the bene? ts can be fully realized. Surveys of CIOs consistently show that security ranks as their top IT priority, ahead of such concerns as application integration, enterprise resource planning (ERP) and customer relationship management (CRM). Security breaches put companies' most valuable information at risk-including intellectual property, proprietary business processes and customer data. As a result, CIOs demand stringent security standards to ensure that mobile users are allowed access to key enterprise data only as authorized and that such data are safeguarded both during transmission and while resident on handhelds.
THE ESSENTIAL ELEMENTS OF WIRELESS SECURITYMaintaining security while providing mobile workers with access to the information they need when and where they need it is complex. Protecting enterprise IT infrastructure requires a deep understanding of the risks associated with mobile applications, handhelds and wireless networks. The move toward wireless data access extends the perimeter of the corporate network and, like earlier innovations, raises many security issues. Compared with behind-the-? rewall enterprise systems, wireless handheld computing systems are fundamentally different and involve incremental security risks. To ensure security across the entire system, enterprises must recognize and address risks across the three different links in a wireless handheld computing system:
1 Good Mobile Messaging SecurityGood Architecture and Security White Paper2007
. Perimeter or ? rewall security-When a corporation wishes to make enterprise systems like enterprise messaging servers, CRM, ERP or intranet Web pages accessible wirelessly, the ? rst priority is to maintain the security of the internal network. Any programs running inside the ? rewall must not open avenues of attack from programs running outside. Additional perimeter security considerations include:o Authentication-Each component of a wireless system must be able to prove that it is authorized to communicate on the network. It must not be possible for an attacker to impersonate a handheld or server, thereby misleading authentic services into communicating with it.o Administrative security-Enterprises need to ensure that different administrative tasks are accessible only to the appropriate administrator. For example, only the most senior system Motorola Good Technology Group administrators may modify system-wide security policies while lower level administrators Phone: 866-7-BE-GOOD may provision new users.
Online: www.motorola.com/good . Transmission/Over-the-Air (OTA) security-When internal information is transmitted over the public Internet and/or a wireless network, the data must be protected against interception or "man-in-the-middle" attacks. Data packets can be intercepted and read if unencrypted or weakly e... [download for more]
