In early 70’s when Motorola produced the first hand held mobile phone, no one would have guessed that this small device would directly challenge the biggest innovation of that decade…the personal computer. 40 years later, statisticians predict that sales of mobility devices, with tablets and smartphones, is expected to surpass PC sales.
Enterprises have now realized that mobility has more potential than just generating effectiveness. It can be used to innovate the way business is done in unimagined ways. Mobility affects an organization technically and culturally as it requires a shift in mindset and technical expertise to adapt to rapid changes. Often the pace of these changes introduce security and governance issues. CIOs and CISOs have to grapple with this as they need to support business innovations and efficiencies without compromising security.
Mobility and Information Security
Enterprise mobility is striving to provide ‘anytime, anywhere’ access to corporate applications and data. Being wireless and portable are the biggest advantages of mobile devices. These same merits are also potent information security risks. When corporate information is available on a personal device that moves in and out of the corporate environment, suddenly data is at stake as these devices are highly vulnerable from loss and unauthorized access.
Effective Enterprise Mobility Management (EMM)
An effective EMM strategy should factor in business advantages and goals while devising policies for secure access to corporate network and data. Overall the strategy should focus on:
- Easy maintenance and central management of all devices
- A controlled access and authorization system
- Consistent user experience
- Increase in productivity
- Minimized attack surface
The rate at which new mobile devices are entering the retail market makes it essential that companies keep an updated list of approved devices and share it with employees. However, the best way to ensure application and data security is to make sure that all data resides on the server. There are several products on the market (Citrix, Vmware) that ensure the actual data residing on the server is fully controlled by the administrator. This validates that the mobile solution, whether BYOD or a corporate-issued device, is always secure.
With virtualization being the mantra for attaining efficiencies, it is also an important parameter in considering workforce virtualization. Allowing users to access IT infrastructure from remote locations may not be sufficient if they are provided a separate environment for each type of connectivity. A seamless and consistent user experience is necessary to get the right amount of productivity from the users, otherwise, considerable time is spent on getting acquainted with the new user interface.
The central theme of going mobile is to further productivity and efficiency. At Bitwise, we helped one of our financial services clients to design a mobile app which would allow their customers to use their cellphones as a credit card at points of sale. This saved them from carrying their cards and by using NFC technology, it was ensured that all transactions were secure.
Similarly, we implemented a security solution for one of our clients where their team members were blocked from using a camera in their work areas by using a combination of geo-locking and NFC. Both of these solutions took mobility to the next level where production innovation helped businesses achieve their goals.
Focusing on security
There are several mobile device management solutions (MDM) available on the market and each has its own niche set of tools and security framework. These solutions have a standard implementation, which will block the security deviations or provide reactive security alerts. The outputs from these tools and other security logs can be used to build a proactive security solution. In addition to giving security alerts, they will also provide inputs on improving the implemented mobility solution.
These analytic solutions have to be built by the organizations to passively and actively to monitor the behavior of users and their mobile devices. These analytic solutions should have the intelligence to report on:
1.Location
2.Application and information access
3.User access and authentication
The Bitwise DART team has created a solution which helps our clients identify potential weakness in this mobility policy framework. It also provides feedback on ways to improve the existing mobility policies and attain higher efficiencies.
To learn more about how Bitwise can help your mobility strategy, click here.
Recommended Content
You Might Also Like
ETL Migration