3 Essential Elements of a Secure Mobile Strategy
Business Technology | April 1, 2015
Mobility and BYOD are a gift for companies looking for improved agility and productivity. But they come with downsides built in, including security worries. If you strategise them right, though, you can get their benefits without falling prey to any of the pitfalls.
These are the top 3 essential elements of a secure mobility strategy.
1: Manage What Matters…
…and stop trying to manage everything else.
The days when the IT department had a realistic chance of controlling data flows through an enterprise are over. Instead, it’s time to triage: vital data must be managed and protected, while the majority of data can simply be ignored by IT. One way to do this is MDM – Mobile Device Management. This allows you to check whether a device remains secure before it accesses your company network – whether it’s owned by a worker or the company. Another is MAM – Mobile Application Management, which involves diffusing an app but centralizing its security settings and controls. Finally, virtualization and sandboxing holds out the hope of making the spread of conventional malware all but impossible and preventing large-scale hacking too.
2: Automate the Outcome You Want
It’s the things we don’t have to think about that boost productivity. How many business bloggers have you seen, talking about the power of habit? It’s the same in IT. Set up your systems so the right thing happens automatically. When an employee gets a new device, whoever owns it, make all their work materials available on it with the click of a single URL. When employees move from one physical location to another, pre-configured controls adapt the level of access that’s available to avoid security risks – and tell the person what’s going on and why. Use Active Directory to assign containers – sets of information, apps and access privileges – to roles rather than individuals, so that when someone new enters or leaves a role, everything they need is available.
3: Avoid the Dreaded Quadruple Bypass
A ‘quadruple bypass’ refers to the leakiest, most insecure setup you can have: BYOD on a consumer-grade device, handling sensitive company information and going straight to cloud. Completely sidestepping the control and monitoring of IT at every stage, this ‘bypass’ is ripe for hackers, leaks and malware. This is the structure you’ll find if IT hasn’t been involved in implementing BYOD and cloud!
This is the nightmare scenario for IT and it must be avoided at all costs. Fortunately, that’s not that difficult. It has to be by making other options more attractive, though. Give workers a superior user experience on IT-approved, secure systems and they won’t wander from it. It’s the best guarantee of security.
Mobility and BYOD are a gift for companies looking for improved agility and productivity. But they come with downsides built in, including security worries. If you strategise them right, though, you can get their benefits without falling prey to any of the pitfalls.
These are the top 3 essential elements of a secure mobility strategy.
1: Manage What Matters…
…and stop trying to manage everything else.
The days when the IT department had a realistic chance of controlling data flows through an enterprise are over. Instead, it’s time to triage: vital data must be managed and protected, while the majority of data can simply be ignored by IT. One way to do this is MDM – Mobile Device Management. This allows you to check whether a device remains secure before it accesses your company network – whether it’s owned by a worker or the company. Another is MAM – Mobile Application Management, which involves diffusing an app but centralizing its security settings and controls. Finally, virtualization and sandboxing holds out the hope of making the spread of conventional malware all but impossible and preventing large-scale hacking too.
2: Automate the Outcome You Want
It’s the things we don’t have to think about that boost productivity. How many business bloggers have you seen, talking about the power of habit? It’s the same in IT. Set up your systems so the right thing happens automatically. When an employee gets a new device, whoever owns it, make all their work materials available on it with the click of a single URL. When employees move from one physical location to another, pre-configured controls adapt the level of access that’s available to avoid security risks – and tell the person what’s going on and why. Use Active Directory to assign containers – sets of information, apps and access privileges – to roles rather than individuals, so that when someone new enters or leaves a role, everything they need is available.
3: Avoid the Dreaded Quadruple Bypass
A ‘quadruple bypass’ refers to the leakiest, most insecure setup you can have: BYOD on a consumer-grade device, handling sensitive company information and going straight to cloud. Completely sidestepping the control and monitoring of IT at every stage, this ‘bypass’ is ripe for hackers, leaks and malware. This is the structure you’ll find if IT hasn’t been involved in implementing BYOD and cloud!
This is the nightmare scenario for IT and it must be avoided at all costs. Fortunately, that’s not that difficult. It has to be by making other options more attractive, though. Give workers a superior user experience on IT-approved, secure systems and they won’t wander from it. It’s the best guarantee of security.