HPE bulks up security offerings for mobile, cloud and IoT

Hewlett Packard Enterprise is rolling out a mobile version of its data-centric security platform SecureData.

HPE says SecureData Mobile is designed to help businesses build data security into their mobile applications while also safeguarding data beyond the standard means of TLS, VPN, and storage encryption.

The platform leverages HPE Format-Preserving Encryption, a standards-based encryption that makes minimal modifications to existing applications while securing data for mobile apps or mobile purchases.

HPE's motive behind the platform is simple: Mobile applications are becoming increasingly packed with sensitive user data, which creates a tempting target for data thieves ready to exploit application weaknesses.

"With attackers' growing interest in mobile, it's critical that developers build security into applications from the onset, and organizations take a proactive approach to data security to better protect both personal and corporate data," said Jason Schmitt, VP of HPE Security Fortify.

In its latest mobile app security report, HPE found that most mobile applications are collecting user data that's not really necessary to the application's function. For instance, calendar data was accessed by more than 40 percent of the iOS games and more than 50 percent of the iOS weather apps. Roughly 95 percent of applications HPE tested also included logging methods that could expose data to unauthorized third parties.

HPE is also launching a new cyber reference architecture as part of its Threat Defense Services portfolio. The new framework is essentially a guide for organizations on how to protect critical business assets and interactions between users, applications and data on various devices.

The reference architecture contains blueprints for 12 domains, 63 sub-domains and more than 350 distinct security capabilities, which HPE says makes it applicable to cybersecurity challenges in cloud, mobility, M2M and IoT.