As all industries increasingly leverage mobile applications to collect sensitive customer information, adversaries have taken notice and are shifting their focus to the mobile attack surface. Theft and misuse of customer and employee private data including financial, healthcare and HR records, payment card data, and personally identifiable information can subject a company to loss of revenue, compliance violations and penalties, and damaging loss of customer trust, brand and shareholder value. There’s a critical need to secure sensitive data transmitted via mobile applications as hackers increasingly focus on attacking mobile platforms.
HPE SecureData Mobile
HPE SecureData Mobile is designed to protect sensitive information in native mobile applications and environments. HPE SecureData Mobile expands upon the HPE SecureData product portfolio, enabling organizations to build data security into their mobile applications and safeguard the capture of sensitive data end-to-end throughout its full lifecycle – at rest, in motion, and in use – extending security far beyond traditional technologies such as TLS, VPN, and storage encryption. This data could be sensitive payment data traveling across a payment stream, or sensitive personal data traveling through cloud applications to trusted hosts in enterprise data centers. HPE SecureData Mobile also helps organizations streamline compliance to major industry standards including PCI, PII, PHI and other privacy regulations.
HPE SecureMail enables employees, partners, and customers to read and send encrypted email on supported iOS, Android, and Blackberry devices – with advanced mobile policy control. The solution extends data-centric protection and compliance to mobile email messages and attachments end-to-end, mitigating the risk of data breaches and complying with US, EU, GLBA, PCI DSS, SOX, National, State, and Federal data privacy regulations and laws. HPE SecureMail protects structured, unstructured, and semi-structured information at the data level, so protection stays with the data from the point of capture to wherever and however it is used, stored and moved across data centers, public and private clouds, and mobile devices.
“The advent of the extended enterprise and the ease of accessing corporate information anytime, anywhere and on any device will create new pressures on security teams to encrypt day. Mobile devices are easy to lose and easy to steal. Enterprise-level encryption is the best hope for securing data
on these devices.”
“With HPE SecureMail and BlackBerry, users will have an advanced encryption solution that is cost-effective and easy to manage.”
Use cases include:
Secure Collaboration with mobile executives
Executive, Legal and investment teams exchange sensitive email and documents internally and externally using mobile devices in fast-moving business transactions. Granular policy control leveraging the corporate directory ensures that only the right team members or external parties are authorized to access the email and documents.
Streamlined customer processes through mobile channels
Banking customer representatives securely email mortgage or financial product documents to customers with mobile devices as well as desktop systems, with a consistent user experience. Customer service representatives are able to accelerate the mortgage initiation or refinance process while protecting sensitive data, accelerating customer on-boarding time by over 50% and improving customer satisfaction.
Seamless customer experience regards of channel
Retailers adopting a multi-channel approach to deliver a transformative customer experience whether online, mobile, or in store can reduce fraud at every touch point. By securing sensitive data in the mobile app, retailers have more control in the customer experience without having to worry about the threat to sensitive data.
Online merchants use their websites to accept payment information securely, without compromising the checkout experience or leading to abandonment at the most critical last step in the sales process-even from mobile shoppers on the go. These storefront websites can securely capture user profile information, which needs to be protected for data privacy compliance and to reduce the risk of compromise from new attacks.
With the growing popularity of mobile apps, including mobile wallet services, sensitive payment card data transmitted via mobile applications need to be protected end-to-end. By encrypting the sensitive customer data, like credit card numbers (PAN) and CVV/CVC (security code), as it travels through the entire payment stream, and only decrypting the data when it reaches a secured trusted host, sensitive data is protected throughout the payment lifecycle.
To improve customer service and increase sales, retailers adopt the mobile sales agent model where agents walk the floor with mobile payment terminals or smartphones with payment sleeves to assist customers, and facilitate a transaction immediately so the customer doesn’t have to wait in line at the cashier.
Data De-identification and Privacy
Encrypt sensitive data like Personally Identifiable Information (PII) and Protected Health Information (PHI) in mobile apps and keep the data private as it moves through the enterprise. Sensitive data can be anything from name, address, SSN, health information, etc. This enables enterprises to streamline compliance to privacy regulations through reduced live data exposure.