The continued proliferation of mobile devices and applications creates perpetual targets for cybercriminals who are experts at exploiting technological and human vulnerabilities.
For enterprise IT professionals, the threats posed by mobile technology and users can seem endless and overwhelming. To compete in the digital economy, however, enterprises must provide employees with the tools they need to do their jobs. And that means supporting and enabling mobile access to enterprise networks, databases and applications.
As Enterprise Mobility Exchange (EME) notes in a new security brief, “access exposes enterprises to risk.” In the brief, EME advises enterprises to create a formal security policy using the following guidelines:
- Identify information that’s most sensitive for your business. “By taking this step, you can separate enterprise data from user data, which is especially useful for managing a bring-your-own-device (BYOD) environment,” EME writes.
- Next, clarify who should be allowed to access the enterprise’s sensitive data, as well as under what circumstances they should have access.
- Finally, determine how you will respond to a data breach. “Even the best of perimeter defenses can be pierced, so be prepared to respond,” EME urges.
While that’s a solid security policy framework for mobile technology, at some point IT pros need to dive into the details of exactly what needs to be protected and how.
EME recommends focusing on five specific aspects of the enterprise mobile ecosystem: data, infrastructure, devices, applications and users.
Each may require a different set of tools to provide security. Data, for example, can best be protected through mobile application management (MAM) solutions, “an approach that allows you to place corporate content in secure containers,” EME says. Getting infrastructure security up to speed requires a solution that allows enterprises to integrate mobile devices into a network management framework “that encompasses security, identity, application, and content management.”
Mobile device management (MDM) software can help enterprises secure smartphones and tablets, while applications can be better secured through solutions that provide strong app management and delivery.
As for users, can’t live with them, can’t live without them.
EME writes: “Your security tactics will only be as effective as the compliance of your users. If your policies are difficult to follow and limit user freedom, you may find employees working around security standards in the interest of productivity.”
EME recommends that IT pros “maintain constant communication with users to keep them informed on security policy changes.” Sure, it won’t matter in many cases, but you already knew that. One can only try.
Does your enterprise have a solid mobile security strategy?