By David Robinson, Chief Security Officer at Fujitsu UK & Ireland
Mobile technology has transformed the way we work. This is evident in the workplace as mobile workforces become increasingly common. BYOD has helped drive this adoption and has had a huge impact, not only on employee productivity and morale, but also company culture, collaboration and mobility. It has allowed great flexibility in where and how we work and communicate, making both personal and work life easier for many.
The increased use of mobile devices for work purposes has triggered many businesses to evaluate their internal IT policies, with the industry leaders’ front lining innovation and preparing for the future. Most organisations now have no choice but to develop multiple mobile policies and architectures, including customer and employee-facing strategies.
In order to benefit from the mobile revolution, businesses need to evaluate the risks whilst striking a balance between employee requirements and corporate policy. Security should be a key concern when developing BYOD policies. Security breaches are now a daily occurrence and keeping corporate data safe is becoming increasingly difficult with password leaks, mobile phone hacks and security bugs increasing in frequency.
Preparing for a secure future
Intelligent Mobile Device Management (MDM) solutions are increasingly being seen as a viable solution to those who are concerned with mobile security. MDM allows companies to ensure that the same level of security in the office is applied to the business’ expanding mobile environment not only at a device level but also at the application and network tiers. This allows IT departments to automatically detect threats and adjusts security levels to mitigate them. It also detects devices not adhering to the pre-determined security policy. By implementing MDM solutions companies can configure individual systems based on the business’ IT policies and procedures.
Solutions also exist to create “sandboxes” on mobile devices that maintain a separation between corporate and personal data. Depending on the policy, data cannot be exchanged between the sandbox and the rest of the device, thus ensuring that sensitive data is kept within the control of the corporate environment. An alternative strategy is to use a virtual client approach where the user has a window onto the corporate desktop world and no data is ever stored on the device.
A key aspect of setting up a MDM strategy is selecting the correct device. The device should make the technology simple and easy to use for IT managers and the workforce. Products should provide flexible security as standard rather than leaving it to the user to opt in. This allows businesses to avoid threats which are often unknown or unseen.
MDM also means that IT departments can implement set measures should a device be lost or stolen; allowing it to be decommissioned in real time, saving potential panic amongst the employee and business alike. This can either be a full wipe of the device or selective, thereby removing corporate data and leaving personal data behind.
Integrating applications into MDM solutions can seem daunting and unnecessary. The benefits of applications are however, too great to be ignored. Solutions are available which can manage security risks and enforce security that goes everywhere your data does, securing every point in your expanding mobile environment.
Mobile security architecture that operates at the device, application and network tiers can enforce the security policies as well as automatically detecting potential threats and intelligently adjusting security settings to mitigate risk. This architecture can also provide employees with secure and encrypted access to specific business applications from their smart device and access to all corporate applications, and logs all mobile application traffic for compliance and reporting purposes.
Winning the mobility battle
Most major enterprises with high security requirements, such as financial services and government organisations, are already taking the management of mobile devices very seriously. Often for them this is the first time that data is leaving the confines of the corporate office. However smaller organisations seem to be taking a pragmatic approach based upon the sensitivity of their data and some have yet to embrace MDM.
Businesses must do more to stay ahead of growing risks. There is no question that security risks will continue to develop in the mobile industry. Preparation is vital, those that implement an intelligent mobile MDM infrastructure will be well equipped to manage and avoid future obstacles. Taking the time to evaluate internal policies, investing wisely in the right devices and applications, will prevent businesses putting themselves and their customers at increasing risk.