The report, titled Realising the Mobile Enterprise: Balancing the risks and rewards of consumer devices, is derived from the experiences of 19 security leaders. Some of these include Coca-Cola, eBay, EMC, FedEx, Intel, and Nokia. It also includes insight into today's major sources of risk for the mobile enterprise, and an outlook for the future.
"With the prevalence of mobile devices and applications, organisations have huge opportunities to create business value, but the accompanying risks are equally huge," RSA executive chairman and EMC executive vice-president, Art Coviello, said. "SBIC provides strategic guidance that helps organisations not only reduce their mobile liabilities but also foster mobile programs that enable them to realise the full benefits of the mobile enterprise."
In the report, the SBIC states that establishing mobile governance is a key strategy. Organisations should engage cross-functional teams to set clear ground rules. The first step of every mobile strategy should involve defining business goals, including costs and revenue estimates, as well as risk calculation and the predicted process of achieving goals.
Secondly, organisations need to create an action plan for the short-term due to the rapidly evolving nature of mobile technology. SBIC recommends a 12 to 18-month outlook.
Building core competencies in mobile app security is also significant, and requires knowledge of how to design mobile apps in a way that protects corporate data. This strategy may involve investing in expertise. The SBIC said that it is not just about bolting on security, but requires an examination of the app's overall functionality and architecture.