As more business is conducted through mobile devices, it is becoming increasingly important for enterprises to ensure they can provide adequate security against data loss, data theft and malware.
The challenge is that an effective mobile security strategy has to cover a lot of ground. Enterprise mobile technology is complex and includes numerous points of vulnerability. If IT doesn’t account for all of these, it becomes virtually inevitable that enterprises will fall victim to a mobile security failure.
In a white paper covering the essentials of an effective mobile security strategy, Enterprise Mobility Exchange lists five specific mobile-related elements that must be addressed.
An enterprise’s data arguably is its most valuable asset, and typically the ultimate target of hackers and other cybercriminals, as well as competitors and disgruntled employees. Not only is data vulnerable to loss and theft, it can be altered. To protect data, the white paper recommends mobile application management (MAM), “an approach that allows you to place corporate content in secure containers.”
Mobile technology can’t just be bolted onto a legacy system; it must be integrated into the network infrastructure to ensure maximum productivity and efficiency. But the infrastructure also must be protected from potential mobile-related vulnerabilities. This means creating and enforcing policies “that control email access, require device encryption, block compromised devices, deploy or revoke certificates, and block unmanaged devices,” the white paper advises.
While enterprises these days often are encouraged to move beyond mere mobile device management (MDM), that doesn’t mean they should ignore it. Rather, the point is that MDM in itself isn’t enough. Make no mistake: Securing devices is critical to security because enterprise data is stored and transferred to and from smartphones and tablets. IT needs the ability to remotely lock or wipe devices in the event they are lost or stolen.
The consumerization era has empowered users to decide which tools to use when doing their jobs. If an employee thinks a third-party app will help them, they’ll download it. That’s one app-related danger. The other is that, as demand for mobile apps continues to outpace the ability of developers to build and deploy them, security and testing are short-changed. The white paper urges enterprises to use solutions that allow IT to “easily manage internal, public, purchased, Web, and virtual applications throughout the entire lifecycle across devices from one central console.”
You didn’t think Enterprise Mobility Exchange would forget the single biggest threat to mobile security, did you? As alluded above, that’s because user behavior is difficult to control in a consumerized world. Gaining compliance from users requires clear, simple policies that don’t restrict user freedom and productivity. No one said it was easy.
Does your enterprise’s mobile security strategy cover these five elements?