Securing Mobile Devices with Advanced Hardware Technology
Though highly advanced in some of the aspects, mobile software protection is nearing its limit. Because this form of security is based on a software protecting another software, it somehow fails to be as reliable as hardware-backed protection. Though risk management teams try to deploy such technologies, due to their limited user access capabilities, application developers always work hard to offer flexible solutions and harness true hardware-based security.
A widely adopted solution to thwart these challenges is the Trusted Execution Environment (TEE) that offers hardware-based mobile security without increasing a device's bill of materials. Standardized by GlobalPlatform—a non-profit organization that creates and publishes secure chip technology specifications—the TEE is a secure area of the main processor where mobile applications can seamlessly run. This technology is being used extensively across enterprises such the ones in fintech spaces. Providing hardware isolation from operating systems such as Android that protect applications’ code, logic and data, the TEE is an operating environment that exists on the main application processor of a device. Even on compromised devices, TEE provides enhanced application protection.
Unlike other discrete hardware-secured environments, applications running in the TEE can access a device's computing power and memory. In addition, it prevents malware from stealing credentials or mimicking user interaction by enabling only privileged access to peripherals like touch-screen or fingerprint sensors. Leading organizations across the globe have developed innovative tools to enable the seamless development of applications targeted at TEE. Moreover, rather than redeveloping a complete mobile application, isolating the sensitive components into a separate trusted application that works within TEE makes it faster and better.
By Chris Tjotjos, VP, Cisco Solutions Practice, Black Box...
By Laura Jackson, Sr. Manager-Risk Management, ABS Consulting
By Jason Cradit, VP of Information Systems, Willbros Group
By Steve Garske, Ph.D., Senior Vice President & Chief...
By Roman Trakhtenberg, CEO, Luxoft
By Renee P Wynn, CIO, NASA
By Mike Morris, CIO, Legends
By Louis Carr, Jr., CIO, Clark County
By Andrew Macaulay, CTO, Topgolf Entertainment Group
By Dominic Casserley, President and Deputy CEO, Willis...
By Dave Nelson, SVP-Portfolio Lead, Avanade, Inc.
By Michael Cross, SVP & CIO, CommScope Holding Company Inc.
By Pauly Comtois, VP DevOps, Hearst Business Media
By Dan Adam, CIO, Extreme Networks
By Matt Schlabig, CIO, Worthington Industries
By David Tamayo, CIO, DCS Corporation
By Scott Cardenas, CIO, City and County of Denver
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Brian Drozdowicz, VP, Digital Services, Siemens...
By Les Ottolenghi, EVP and CIO, Caesars Entertainment