So said Paulo Ferreira, enterprise mobility director at Samsung Mobile South Africa, discussing enterprise mobility security considerations at ITWeb Security Summit 2015 in Midrand this morning.
He said several trends have changed the face of mobility since then. "Trend number one is how mobile data price and speed have changed. Internet speeds have increased 3.3 million times in 30 years, technology can be used by more people, and applications can be enriched. This also spurs healthy competition in the marketplace."
The second trend is Moore's Law. "Today's supercomputer is 3.3 billion times faster than the world's first. This has driven a change in the category of devices we are seeing − smartphone, tablet and phablet − and we are also seeing fit-for-purpose hardware on a device for business use, and hardware that is leaning towards niche environments. We have also seen a surge in wearable tech, both for business and personal use."
Thirdly, he cited the growth in mobile applications. Ferreira said according to Frost & Sullivan, nearly half of enterprises have already deployed between one and 10 mobile apps to their employees.Trend number four is that there are devices everywhere and more and more smart devices are being used for business. "Businesses are embracing devices within their organisations and IT is under pressure to ensure they are offering the services of managing those particular handsets and securing the information on them."
Ferreira posed the question as to whether IT can ensure protection while providing choices. "There are many challenges faced by businesses. Gartner research has revealed the BYOD [bring your own device] adoption rate is said to top 35% by 2016. Moreover, 38% expect to stop providing devices to employees by 2017, empowering them to make their own choices. By 2017, 50% of employers will require that employees supply their own device. And already these days, 45% of employees share work devices without supervision."
Ferreira added these trends and stats bring new challenges, with the main issues facing business being device security and information control. "There are increased threats on corporate security; IT and user mobility needs do not easily align, not to mention the issues of privacy. There are several key challenges for enterprise mobility – platform security, policy controls and management, and usability and user privacy."
There are two distinct models of mobility enterprises typically decide between – corporate-liable and employee-liable, he explained. Corporate-liable devices render the employer responsible for ownership, expense, policy and security management. A downstream variation is a choose your own device (CYOD) set-up, where employees can select their device from a pre-approved list. For companies electing an employee-liable model, employees use their personal devices in the workplace.
One of the biggest challenges of the CYOD model is to overcome user privacy concerns. "Having the latest devices is certainly appealing to employees, but the fact that all their information, both personal and professional, is constantly surveyed is not something users want. To this end, businesses must consider a holistic enterprise mobility management solution which separates ‘business' from ‘personal'."
Ultimately, he said enterprises need to determine policies around BYOX (bring your own everything) than have to procure the proper technology to support those policies. "Many companies have approached the problem from a device-centric view; focus is shifting towards a more holistic view that takes the device, apps and content into consideration."
Ferreira noted the enterprise mobility management market includes a collection of technologies that span across endpoint management, policy management, identity, network security, data protection and management, application security and application life-cycle management. "Each organisation has a unique infrastructure in place and is willing to accept a varying level of risk – there is no one-size-fits-all approach to mobile security.
"Virtual attacks are a hugely increasing risk for business, transpiring in many forms. With threats such as malware, spyware and e-mail phishing, criminals can gain access to private computer systems and networks via mobile devices to steal sensitive corporate information, all too easily.
"It's not necessarily a case of businesses not doing enough to protect themselves, but IT leaders must be aware of the growing threats posed by cyber crime. As criminals find more sophisticated ways to breach companies' data and device security, organisations need to up their game. They need to invest in comprehensive solutions that guard against these attacks."
Our comments policy does not allow anonymous postings. Read the policy here