Johannesburg, 04 Feb 2014
The adoption of bring your own device (BYOD) practices in the enterprise is gathering momentum. By 2016, Gartner predicts 38% of companies worldwide will have stopped buying devices for employees. The obvious cost savings and the advantage of employees using their own top-end devices does not come without significant challenges of their own, chief among which is security as part of device management.
With workers increasingly demanding access to mission-critical data and applications from personal smartphones, tablets and laptops, this co-mingling of personal and work applications and data increases the risk of corporate data loss and malware breaches.
"Company data loss from lost, stolen and decommissioned devices is consistently voted a top mobile security concern in the enterprise. Furthermore, a mobile device can become a conduit for malware from rogue apps, and unless data is encrypted in flight, it's susceptible to interception, especially when users are on public WiFi networks," says Brad Pulford, Dell enterprise solutions group director.
Compliance is another obstacle. Just who owns the data created and sitting on mobile devices isn't always clear. In the BYOD world, some organisations insist that company data on employee-owned phones and tablets still belongs to the company, and that it should be allowed to backup and archive that data for legal and regulatory compliance purposes.
Beyond the data ownership debate, it can be difficult to backup, archive and store data that resides on a corporate-owned mobile device, and it's even more difficult to do that on an employee-owned device. Unless a device has been locked down, there's also a chance that an employee will move corporate data into the cloud or that it will be lifted directly from the device by an ad network or a cyber criminal.
Finally, companies that have a BYOD strategy may struggle to integrate those devices with their legacy infrastructure. Even companies that issue their own devices can have trouble finding security and management software that ties those mobile devices into the corporate network and data centre.
"When you look at the mobile landscape and the tools available to support it, what's clear is that most organisations need more mobile security than existing mobile device management and mobile application management products provide," comments Pulford. To make up for this missing functionality, we recommend that companies focus on five pillars of mobile security:
* Protecting data in the data centre, in transit and on the device;
* Strictly controlling access of the users who utilise these devices;
* Enabling mobile interrogation, access and denial;
* Providing unified policy management; and
* Containerisation of data and applications to address the blurring lines between corporate and personal data and applications on devices.
While MDM does provide some level of device-side security, organisations are better served when IT can provide mobile users with safe connections to a secure mobile access solution, especially when they are connecting via an uncontrolled WiFi hotspot. An SMA appliance protects traffic from interception, keeping in-flight data secure from cyber criminals.
In addition, IT teams should provide users with one-click access to only the corporate applications and resources that they have the right to access. With the right identity and access management solutions, an organisation can ensure that their employees, partners and customers have easy access to the critical data in a secure and controlled manner. When deployed with a next-generation firewall, this establishes a clean VPN, and an extra layer of protection that decrypts, analyses and blocks hidden threats from mobile traffic tunnelled over the SSL VPN before it enters the network.
Any mobile device (corporate or personal) connecting to an organisation's network must have its security credentials - such as jailbreak or root status (critical to minimise the risk of malware infection), device ID, certificate status, OS version - checked before access is allowed. This feature seems simple enough, but very few SMA solutions include this protection.
Organisations should be asking some searching questions from their IT partners to ensure their chosen mobile access solution consolidates control of all Web resources, file shares and client-server resources into a single location, with central administration and a single rule set for all resources and access methods. Access control solutions are available which allow IT to quickly set role-based policies for mobile and laptop devices or users with a single rule across all objects. As a result, policy management takes minutes instead of hours.
Finally, with solutions such as Dell's Mobile Connect with Dell's Secure Mobile Access, users have the ability to access permitted corporate applications and data on whatever platform they choose, whether it's a smartphone, tablet, Kindle or laptop. This helps boost worker productivity, since employees don't have to struggle to find the information they need to perform the tasks required of them. They can access a wide variety of enterprise applications and resources from a multitude of device platforms - including iOS, Mac OSX, Android, Windows, Windows Phone/RT and Linux - making BYOD easier as well.
In the near future, customers will be able to implement a unified solution that provides mobile device management, mobile application management, mobile content management, and a secure remote access gateway. Today, companies use separate, often disjointed products, and Dell is the first to address this with its Enterprise Mobility Management solution launching this year. It offers IT a comprehensive management experience to configure and define security and compliance policies for iOS and Android smartphones; Windows, Android and iOS tablets; Linux, Mac and Windows laptops and desktops; as well as thin and zero cloud clients.
With IDC predicting that the world's mobile worker population will top 1.3 billion (around one-third of the global population) by 2015, IT departments are going to need to work smart to cope with this trend. Provisioning and supporting mobile access becomes simple, since everything is done from a single interface, and policies and software can be rolled out exactly the way they should be. IT gets an end-to-end solution with unified policy management. At the same time, IT can institute a secure BYOD policy, protecting the corporate network from rogue access and malware. "In the end, when IT and end-users alike get a secure, integrated experience that boosts productivity and reduces risk and complexity, everyone wins," concludes Pulford.
Share