Professional Documents
Culture Documents
2013 Infonetics Mobile Security Ent Survey 02-04-13
2013 Infonetics Mobile Security Ent Survey 02-04-13
TABLE OF CONTENTS
TOP TAKEAWAYS.................................................................................................................................. 1
INTRODUCTION ..................................................................................................................................... 2
Market Background......................................................................................................................................2
Methodology and Demographics Overview.....................................................................................................2
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
i
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
LIST OF EXHIBITS
EXHIBIT 1
EXHIBIT 2
EXHIBIT 3
COMPANY-OWNED DEVICES............................................................................................. 7
EXHIBIT 4
EMPLOYEE-OWNED DEVICES............................................................................................ 8
EXHIBIT 5
EXHIBIT 6
EXHIBIT 7
EXHIBIT 8
EXHIBIT 9
EXHIBIT 10
EXHIBIT 11
EXHIBIT 12
EXHIBIT 13
EXHIBIT 14
EXHIBIT 15
EXHIBIT 16
EXHIBIT 17
EXHIBIT 18
EXHIBIT 19
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
ii
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
TOP TAKEAWAYS
Nearly every enterprise in North America is a target for mobile security solutions as theyre either
managing mobile devices that they own, rolling out a structured BYOD program, or getting control of
rogue employee-owned mobile devices that have been connected to the network over the last 2 years.
Employees are replacing desktop and laptop usage with smartphones and tablets, and those devices
need to be connected and protected just like desktops and laptops. Success selling security solutions in
this space is really about 2 things: letting IT become a mobility enabler and helping them secure all types
of mobile devices with the same level of protection as desktops and laptops.
Given the number and diversity of mobile security solutions, what do vendors need to do to make their
solution stand out? Based on the data in this survey we believe:
Vendors need to solve the whole mobile connectivity and security problem; its not just about
structured BYOD but also company-owned mobile devices and rogue employee-owned devices.
Companies are looking to lock down mobile devices and control which applications they can use.
Any comprehensive mobile device security solution should provide an app management and
control capability.
As many respondents have concerns about the completeness of protection in existing mobile
security platforms, vendors must develop products and services that can be updated in place and
include the ability to add entirely new threat detection mechanisms without disrupting existing
deployments.
SSL VPN clients will be widely used for company-wide mobile device security rollouts; theyre
free and available for users to download right from their devices application marketplace. We
believe that moving forward, SSL VPNs will be a cornerstone of many companies mobile device
security strategy because they solve an immediate connection security requirement, are familiar
and easy to use, are often free (at first at least), and will likely all support additional
security/control functions.
Looking at respondent technology and vendor plans, we believe the lions share of the
mainstream mobile device security revenue opportunity will go to established client and network
security vendors like Symantec, McAfee, Kaspersky, Microsoft, Cisco, Juniper, and Check Point.
We wont be surprised in the least to see several acquisitions in 2013 (like the Citrix/Zenprise
deal in December 2012) as more big companies try to develop an end-to-end mobile device
management and security solution.
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
1
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
INTRODUCTION
Market Background
Like it or not, a new wave of mobile devices is being connected to corporate networks, and many
companies are connecting mobile devices to enterprise networks to decrease capital cost and increase
productivity. Infonetics forecasts billions of new mobile devices (smartphones and tablets) shipping
between 2012 and 2016, and these devices are truly changing the way people work and blurring the lines
between personal and corporate assets.
For many IT organizations around the globe, theres an immediate need to do something about the mobile
device security problem. Mobile devices offer the functionality of business devices but are often mixed
between personal and business use, connect to multiple wireless networks and technologies with different
security requirements, can be easily lost or stolen, and offer a tantalizing new piece of information for
hackers (location, since most are GPS-enabled); they are already being targeted by focused and broad
attacks.
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
2
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
3
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 1
73%
72%
72%
71%
Drivers
69%
67%
Regulatory/compliance requirement
66%
66%
64%
Addition of corporate-owned
tablets to the network
62%
59%
57%
0%
20%
40%
60%
80%
Regulatory/compliance requirements are a key driver for 66% of respondents. Nearly everyone
recognizes the inherent need for security, but the added pressure of having to meet regulatory
requirements drives significant security spending. Additionally, much of this spending hasnt halted during
the recession like more discretionary security spending has because auditors and regulators dont stop
coming around just because the economy is bad. Mobile devices represent uncharted territory for many
regulated industries, and BYOD programs in regulated environments complicate compliance from Capitol
Hill to Wall Street; a complete mobile device security technology and product solution should be able to
address needs at a variety of regulated environments, and vendors should share case studies that
demonstrate successful deployments. Though most of the well-covered regulations that involve IT
security (FIPS, PCI, SOX, etc.) dont have specific provisions or requirements for mobile devices yet,
theyre included by default as they act as standard mail and web clients for many users.
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
4
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
All respondents have invested (time, money, or both) in mobile security, but theres always more to
spend, more devices to protect, and new products and technologies available, so we asked respondents
about barriers to new investments in mobile device security solutions. They rated the impact of various
barriers in the decision to purchase additional mobile device security solutions on a scale of 1 to 7, where
1 means not a barrier, 4 means somewhat of a barrier, and 7 means definitely a barrier. The chart below
shows the percentage of respondents rating each feature a 6 or 7, or a barrier.
Overall, responses to this question are low, or lower than the drivers for new purchases, which is typical. The
cost of solutions and issues with completeness of protection are tied for first, each rated a barrier by half of
respondents. Cost will come down over time, and vendors are always adding new protection technologies to
their solutions, so these barriers will fade as products mature. However, keeping solutions updated (rated a
strong barrier by 40%) is even harder in the mobile device world than the desktop/laptop world because so
many of these devices are employee owned and may never be seen or touched by IT staff.
Barriers
Exhibit 2
46%
Cost
46%
Keeping solutions
patched/updated
40%
Management difficulty
40%
User complaints/system
performance impact
36%
Difficult to deploy
33%
27%
0%
10%
20%
30%
40%
50%
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
5
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Digging in to completeness of protection a bit more, we believe that it will always be difficult for a single
security product, whether its client-based, server-based, or network-based, to provide 100% protection.
Threats always lead threat protection; how far ahead varies, but theyre always ahead, which gives
buyers the notion that their security solutions never provide complete protection. This is hard to combat
from a messaging standpoint; the most important thing vendors can do is develop products and services
that can be updated in place to add additional forms of protection as new threats emerge. This is more
than simply updating threat signaturesits providing the ability to add entirely new threat detection
mechanisms without having to disrupt existing deployments.
Cloud-based solutions, which well talk about later, focus on the problems with protection completeness,
patching/updating, complaints about system performance, cost, and deployment difficulty. Theyre not a
panacea, but offering a mix of cloud, client, and network-based solutions will likely be a requirement for
100% coverage of mobile devices.
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
6
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 3
Company-Owned Devices
n=103, 103
28%
iPhone
48%
31%
Android smartphones
46%
19%
BlackBerry
46%
35%
Devices
iPad
40%
18%
37%
31%
Android tablets
34%
37%
Windows Phone 8
27%
15%
17%
New investments
Already invested
15%
Symbian
13%
0%
10%
20%
30%
40%
50%
Percent of Respondents
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
7
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Clearly, a comprehensive solution will offer security and management capability for all the platforms listed
below and more, but the problem is more complicated than that; Android, for example, is not really a
single platform. There are many versions of the OS in use (multiple releases of the OS itself, and
specialized or tweaked versions rolled out by specific carriers), and it is often tricky to get a piece of
security software to work properly across all versions of the OS in use. This is part of the reason, today at
least, that comprehensive solutions are still quite expensive; there is significant manpower required to
code all of the versions necessary to provide complete coverage.
Having consistent protection for all devices is generally a driver for network- and cloud-based solutions, and
the rapid ramp of mobile device use and BYOD rollouts are forcing companies to look at them immediately;
in many cases, the smartphone and tablet security problem cant be solved with a client software purchase.
We also asked respondents which employee-owned devices are allowed on their networks now, and the
strong consumer platforms (iPhone, iPad, Android smartphones/tablets) are all allowed at over 30% of
respondent companies. Many respondents have already made investments in client solutions for these
platforms from company-owned devices, and its often fairly transparent to offer the same clients for user
devices.
Exhibit 4
Employee-Owned Devices
n=103
iPhone
48%
User-Owned Devices
Android tablets
46%
iPad
40%
40%
BlackBerry
37%
Windows Phone 8
37%
Android smartphones
32%
27%
Symbian
13%
0%
10%
20%
30%
40%
50%
Percent of Respondents
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
8
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
We then asked respondents to tell us what kind of security products they use for company-owned and
employee-owned devices. In both cases, AV clients lead the list (though theyre only truly available for
Android, BlackBerry, and Windows Phone), followed by network-based security solutions (many firewalls
offer some ability to secure/control data and application traffic originating from mobile devices).
SSL VPN clients come in third on the list; in many cases SSL VPN clients for mobile devices are free and
available for users to download right from their devices application marketplace. We believe that SSL
VPNs will be a cornerstone of many companies mobile device security strategy moving forward because
they solve an immediate connection security requirement, are familiar and easy to use, are often free (at
first, at least), and will likely all support additional security/control functions.
Exhibit 5
Security Products
47%
42%
34%
42%
User-owned
28%
0%
20%
40%
60%
80%
Percent of Respondents
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
9
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
We asked respondents to name the most important technologies for their mobile security solutions to
support, and there are 2 standouts: anti-malware and firewall. There are 2 basic lineages for mobile
security products: device management/MDM and traditional client security (AV/firewall). Our respondents
are responsible for managing security, so their perspective is skewed toward traditional security functions,
but theres a definite blurring of the lines between mobile device management and mobile security.
Remote locate and remote wipe, for example, are definitely security functions, but theyre most commonly
available in MDM products. As many of the technology companies with a vested interest in mobile device
security have spent the last 3 years building or acquiring technology for mobile security, there are now
many blended offerings (like Junipers Pulse client) that are hard to categorize as MDM or pure mobile
security.
Education about what mobile security solutions really offer is needed, but we wanted to ask respondents
what they believe are key features for mobile security client platforms. All these features (and more) will
likely be part of most mobile security client offerings, though theyll have to be stitched together in
different ways depending on the platform. Consumer and enterprise solutions for mobile devices will
tackle these features on a per-device basis, so where enterprise products will really distinguish
themselves is in their ability to stitch together a unified picture of all mobile devices at a given company;
this starts with having broad platform coverage and then moves to the ability to set and apply policy
across different device platforms from a single management console. The industry is not there yet, but
well need to be there within the next 2 years to really solve enterprise mobile device security problems.
Though its difficult to provide protection for data in motion (firewall, anti-malware) on some of the closed
mobile device platforms, vendors need to clearly explain what pure security features are available per
platform so that buyers understand what the tradeoffs are and how they may want to adjust policies
based on the operating system and the real level of protection theyre able to offer.
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
10
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 6
60%
Firewall
50%
Web filtering/security
28%
Security Technologies
VPN
20%
DLP
18%
Control of installed
applications
17%
Disk/file/SD card
encryption
16%
Device location
15%
Remote wipe
15%
14%
Remote configuration
12%
Provisioning
10%
0%
20%
40%
60%
80%
Percent of Respondents
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
11
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 7
No
61%
Yes
38%
Don't know
1%
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
12
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
We then asked respondents which mobile device threats they experienced. One-third of respondents had
experienced web- or e-mail-borne malware, and one-third have dealt with a lost or stolen device with
sensitive or proprietary data. On the lost/stolen device front, its interesting to note that only 16% of
respondents (or less) think that remote wipe, device location, or disk/file/SD card encryption are key
technologies for their mobile security solution. These are the security measures used to protect a
company from loss due to a stolen or lost device, so clearly theres significant education needed in the
market regarding how to protect data at rest on devices and data in motion and how to blend the 2 types
of protection.
Nearly a quarter of respondents reported malicious apps from official app stores, and a quarter also
reported malicious apps from other locations (web sites and unofficial app stores). Over the next 2 years,
this will likely become the primary mobile-device-specific threat vector, and we wouldnt be surprised to
see this pass up lost/stolen devices and web/e-mail malware infections as the top actual threat
encountered by enterprises.
Exhibit 8
33%
33%
31%
Threats
WiFi snooping
Malicious SMS/MMS
28%
Malicious application
downloaded from third
party or unofficial
application store
23%
Malicious application
downloaded from official
application store
23%
0%
10%
20%
30%
40%
Percent of Respondents
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
13
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 9
Yes
77%
No
11%
Don't know
12%
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
14
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Respondents looking at the cloud (the 77% who responded yes to the previous question) do so for a
variety of reasons, from saving money to solving the patching problem. Respondents rated the
importance of various drivers in the decision to purchase cloud-based or SaaS solutions for mobile device
security on a scale of 1 to 7, where 1 means not a driver, 4 means somewhat of a driver, and 7 means
definitely a driver. The next chart shows the percentage of respondents rating each feature a 6 or 7, or a
driver.
All of the drivers we asked about are important to at least a third of respondents, and theyre all the ones
we expect to really move customers toward cloud/SaaS solutions for mobile device security over the next
2 years; vendors who arent building out or enabling cloud solutions with their technology will miss the
boat for the mass enterprise mobile device security market in 2014 and beyond.
Exhibit 10
60%
54%
Drivers
53%
SaaS/cloud-based solutions
don't impact device performance
49%
48%
43%
35%
0%
20%
40%
60%
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
15
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 11
Yes
84%
Don't know
11%
No
5%
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
16
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Security vendors looking to sell comprehensive mobile device security solutions ahead of the mainstream
curve need to explain why these solutions are needed today-that means explaining what new threats a
company opens itself up to when it rolls out a broad mobile device connection plan. For most enterprises,
this means protecting data at rest (encrypting key files), controlling use of storage and removable storage,
and providing the capability to lock down or remotely wipe smartphones if theyre lost or stolen, then
adding protection from malicious apps, malware, and other data in motion threats down the road by
updating the client or allowing users to activate additional features by purchasing new license keys.
The blurring between mobile device management and pure security for mobile devices is already
appearing in the budgeting process, and pure mobile device security vendors need to be aware that the
money for their products is likely to be earmarked for connectivity, not security.
We asked respondents from whom they would purchase their mobile device security solution, and for now
at least, many companies plan to go to their existing network security vendor (the same vendor theyre
likely getting SSL VPN clients for mobile devices from). It has long been speculated that when it comes
time to ramp up mobile security deployments, the established client vendors will be the winners, but this
data conflicts with that. Going with the same vendor they buy desktop clients from seems the logical
choice for customers hampered by incomplete coverage, difficulty of patching/managing their deployment,
and a general desire to have a consistent security deployment. Unfortunately for companies like
Symantec and McAfee, growing dissatisfaction with desktop security clients and the ease of deploying
SSL VPNs and tuning firewalls to provide some level of security are driving customers towards
companies like Cisco, Juniper, Dell SonicWALL, F5, and others.
Overall, the lions share of the mainstream opportunity will go to established client and network security
vendors like Symantec, McAfee, Kaspersky, Microsoft, Cisco, Juniper, and Check Point, but there are still
a few MDM-focused vendors forging their own path. We wont be surprised in the least to see several
acquisitions in 2013 (like the Citrix/Zenprise deal in December 2012) as more big companies try to
develop an end-to-end mobile device management and security solution. Likely acquirers include big
device companies like Samsung, HTC, and Apple, the OS vendors, large service providers looking to
differentiate their services, and large IT infrastructure companies with their eye on mobile devices (last
year we predicted Citrix in this very report; this year it could be someone like HP or IBM). Remaining
standalone MDM vendors like MobileIron are other likely acquisition targets in 2013.
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
17
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 12
48%
Purchase Source
Service provider or
solutions provider
38%
33%
Mobile device
management
specialist product vendor
32%
VAR/solutions provider
28%
27%
0%
10%
20%
30%
40%
50%
Percent of Respondents
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
18
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Respondents indicated their 2012 mobile device security expenditures for 3 categories (software for
devices, network solutions, and hosted/cloud services), and we asked them to project 2013 spending as
well. Respondents average spending was $573K in 2012, growing 36% to $788K in 2013, with all
categories showing growth.
Exhibit 13
Expenditures (US$K)
$600
$237
$127
$400
$173
$349
$273
$200
$0
2012
2013
Calendar Year
Hosted/cloud-based services for mobile security
Network-based security solutions for mobile devices
Client security software for smartphones/tablets
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
19
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 14
Symantec/Norton
28%
15%
McAfee
17%
9%
Suppliers
Microsoft
12%
6%
Cisco
8%
5%
Apple
5%
4%
Kaspersky
4%
Under evaluation
3%
Avast
Installed
4%
0%
10%
20%
30%
Percent of Respondents
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
20
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 15
Symantec/Norton
35%
Microsoft
22%
Suppliers
McAfee
21%
IBM
20%
Cisco
16%
Kaspersky
8%
Apple
8%
0%
10%
20%
30%
40%
Percent of Respondents
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
21
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 16
Supplier Familiarity
n=103
71%
McAfee
70%
Microsoft
68%
Suppliers
Cisco
Apple
65%
Symantec/Norton
65%
IBM
61%
RIM (BlackBerry)
52%
Kaspersky
45%
Trend Micro
43%
Juniper/Smobile
40%
0%
20%
40%
60%
80%
McAfee, Microsoft, Cisco, Apple, and Symantec lead in aided awareness. Respondents are familiar with a
wide range of players, even if they dont consider many of those players to be market leaders. Its
interesting to see that Juniper, who has a fairly progressive multi-function mobile client, has increased
awareness significantly since last years report.
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
22
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Apple is fairly well positioned as well, aided by the release of iOS 4 (which included a reasonably solid set
of enterprise features) and the fact that almost every enterprise has to deal with Apple users and devices
whether they want to or not.
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
23
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 17
60%
40%
20%
0%
Technology
innovation
Pricing
Cisco
McAfee
Trend Micro
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
24
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
BOTTOM LINE
The mobile device security market is a large market crowded with a long list of players, and brand
mindshare is dominated household brands like Symantec, Apple, and Cisco. Companies looking to exploit
new opportunities in mobile device security should focus their energy and attention on helping companies
discover which devices are already connected to the network, developing polices for those devices, and
delivering the technology needed to put those policies in motion. A great way to start is to identify a
connectivity problem and then turn that customer into a connectivity AND security customer. SSL VPN
vendors have a leg-up here, and their advantage is starting to show in actual user plans.
Making progress in this market (generating brand awareness, driving revenue, and gaining market share)
will only be possible if vendors solve these real customer problems:
Many IT departments dont know how many (or which) mobile devices are on the network already
Client protection is not available for all their devices and OSs
Its hard to ensure theyre getting the same functionality and level of protection on all devices
Users complain about performance and find ways to get around security measures
Even with security solutions in place, devices are lost, stolen, infected, and compromised
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
25
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
Exhibit 18
A lot of
influence
36%
Primary
decisionmaker
56%
Some
influence
8%
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
26
MOBILE SECURITY STRATEGIES AND VENDOR LEADERSHIP: NORTH AMERICAN ENTERPRISE SURVEY
56% of respondents are from medium companies (100-999 employees), and the remainder are from large
companies (1,000 employees or more). Though mobile device use is ubiquitous, medium and large
companies are much more likely than small companies to invest in security infrastructure for mobile
devices and are the target customers for most companies developing enterprise class mobile security
products and services.
Exhibit 19
101-1,000
56%
Over 1,000
44%
This is a paid service intended for the recipient organization only; reproduction and sharing with third parties is prohibited.
Copyright 2013 by Infonetics Research, Inc. All rights reserved.
27