Telecom IQ
Showing results for 
Search instead for 
Did you mean: 

Communications Service Providers Can Be the New Mobile Security Trailblazers



Guest Author: Noam Potter, CMO, CommuniTake Technologies


Communications Service Providers (CSPs) need to move on from being mere bit-pipes and stay relevant, with new revenue channels. One of the booming opportunities is mobile security. CSPs can improve communications with built-in security, by capitalizing on their network control and hardware presence. 



Organizations are increasing their use of mobile, SaaS, and social media for critical business functions. They are also storing more data in the cloud, while using multiple endpoints. However, they are not designed to withstand the new revolutionary generation of cyber-threats being wielded by highly-motivated, relentless and greedy cyber-criminals. Lack of security best practices and competent security-minded personnel force organizations to deploy various ad hoc uncorrelated security solutions. These solutions are addressing different needs and usage cases: network security; threat detection; cloud (SaaS) security and data protection; identity and access management; security intelligence and analytics; compliance automation and data governance; and enhanced enterprise mobility management (EMM), to name but some. This strategy is not proving really successful: the number of major reported data breaches is constantly rising, and it is becoming increasingly expensive to recover from them. And ransomware is now constituting a unique threat. The Kaspersky Security Bulletin  notes that one business is being attacked every 40 seconds, and that one in five businesses having paid a ransom never got their data back. Mobile is regarded as the weakest end point.


Individual mobile device holders are also under attack, mainly via ransomware. Kaspersky notes that one individual is being blackmailed by ransomware every 40 seconds. Individuals are also getting hacked through fast-evolving banking malware, making them more vulnerable now than ever before.


But the mobile security offerings available are not geared to an organization’s needs: 

  • Consumer-oriented solutions focus on privacy, not on enterprise-grade security;
  • Enterprise-oriented products rarely provide differentiated group-based security levels;
  • The commercially-available products frequently prove to have backdoors, through deliberate or bad coding;
  • Enhanced EMM is providing disparate solutions;
  • Secure communications solutions often lack archiving functionality, notwithstanding the fact that archiving is mandatory for regulatory compliance;
  • The longevity of a solution is uncertain, as only some of the vendors currently on the market will prove to be long-term survivors;
  • Secure enterprise mobility solutions usually run on commercially-oriented hardware, and cannot provide military-grade security.


These missing pieces give CSPs significant opportunities to earn money from the fast-growing mobile security market. However, CSPs are only addressing cyber-crime for their customers by partnering with mobile security vendors. The partnerships are taking three forms:  white-label solutions (usually for voice encryption); making secure communications part of managed services; and providing secure communications with archiving.


CSPs need to rethink their approach to mobile security. They can react better to the evolving threat of mobile cyber-crime by building new mobile security solutions and act as mobile security brokers.  These new solutions need to provide:

  • Ease of use, plus a seamless user experience;
  • Differentiated security levels for organizations;
  • Coverage of the major threat vectors: applications; networks; devices; and careless use;
  • Technology that capitalizes on a CSP’s network control and hardware presence.


CSPs’ mobile security should be able to provide the following features on demand:

  • On-demand activation of proprietary-encrypted voice calls and messaging;
  • Segmentation, tracking and securing of organizations’ sensitive data across cloud and mobile;
  • Cloud services for common enterprise usage scenarios such as email, multi-persona roles and attached files, so that theft or loss of devices is no longer such a problem;
  • Ability for organizations to specify a security-assured apps catalog without needing to use commercial app stores that frequently host malicious apps;
  • Tracking of an organization’s sensitive data, including confidential files, during its transit over the Internet, with protection from malicious threats;
  • Orchestrated, proxy-based and cloud-based architecture for real-time defense on all devices;
  • Collaborative prediction and identification of malicious behavior, advanced malware, exploits and live attacks experienced by the user base;
  • Zero-touch mitigation and real-time rule-based remediation against cyber-attacks;
  • Custom mobile devices, with a purpose-built operating system for organizations with more-demanding security requirements.


Clearly, at present, CSPs have neither the security expertise nor the visionary personnel to develop these capabilities directly. However, a crystal-clear investment policy, partnerships and a bold acquisitions strategy, combined with access to abundant telecommunications data and the enormous end user base can make it happen. CSPs are struggling to stay relevant and increase the average revenue they earn per account. Yet catering to the mobile security market by taking advantage of their intrinsic capabilities and potentials, and by providing integrated on-demand services, can provide a market position that was hitherto unattainable. They just need to be focused on achieving it.


CommuniTake will be talking about this topic live at Mobile World Congress in the MWC Discussion Zone on Wednesday, March 1 at 11:30. See the full MWC Discussion Zone agenda for more details on this and other sessions.


hpe.com_csp_nfv.png CSPResources.jpg NFVResources.png @hpe_csp.jpg @hpe_nfv.png


0 Kudos
About the Author


Read for dates
HPE Webinars - 2019
Find out about this year's live broadcasts and on-demand webinars.
Read more
Read for dates
HPE at 2019 Technology Events
Learn about the technology events where Hewlett Packard Enterprise will have a presence in 2019.
Read more
View all