Securing a Complex Ecosystem Requires a Layered Strategy
- While security begins at the basic level of creating trusted secure images, you also must have a secure process for developing applications that run on those images.
- Because end users are often targeted, work with them to help them understand risk factors associated with mobile and online apps.
- Lastly cover the technical controls with policy controls to manage the risk appetite.
“Whether it’s a cloud-hosted environment or a co-located environment, the fundamental principle of any secure environment is to have control over what is happening.”
In managing enterprise travel programs, companies like Wagonlit, handle a lot of personal information, including financial and passport information. “There are many interfaces,” says Harshal Mehta, senior director of security. “Travel management companies extract data from multiples sources such as GDS, suppliers, partners, etc., and consolidate them to have a seamless experience for the end user travelers” Because much of this relates to global travel, both employees and client users rely heavily on mobile apps. “Such a complex environment needs agile delivery and secure performance of the applications, which relies heavily on the cloud and mobile environment,” says Mehta.