Mobile Security Featured Article
What IT Needs to Know When Developing a Mobile Device Strategy
January 28, 2013
One of the largest tasks that IT departments currently face is ensuring that the transition to a mobile enterprise is secure and managed. Bring-your-own-device (BYOD) has been a boon for employees in many cases but a nightmare for IT departments that need visibility into employee computing behavior and both the setup and enforcement of proper security practices. Vendors are often not helpful, unleashing a cluttering amount of new terms and conflicting advice.
IBM’s (News - Alert) lead mobile security strategist, Vijay Dheap, recently outlined key factors IT departments should consider when trying to develop a coherent and comprehensive mobile strategy for their organization.
Getting a sense of scope for the challenges that must be addressed is an important initial step, noted Dheap. This includes surveying the devices used, knowing the backend systems that they must connect with, and discovering the security holes in the mobile devices being used.
“While there are different solutions to safeguard each of three main pillars and to gain oversight across them, the next step is to understand what the mobile enablement goals of the organization are so that the security and management requirements match the use cases that need to be supported,” Dheap wrote. “This enables prioritization and selection of capabilities when making a vendor decision.”
For gaining visibility and control, Dheap recommends that issuing mobile devices should not be overlooked despite the BYOD trend. And where BYOD is practiced, mobile device management (MDM) solutions are best suited for providing device-level reach for enforcing corporate policies. Through MDM, passcode settings, VPN configuration, device encryption, remote lock/wipe, blocking external data sharing, blacklisting apps and certificate management can be specified and controlled. MDMs also reduce administrative costs by creating a single management infrastructure despite a plethora of different devices and types.
E-mail, calendars and contacts are the three most important business tools employees will need access to on their mobile devices, according to Dheap, and protecting this key corporate data can happen through mobile email management (MEM), secure dedicated email, and secure calendar and contacts apps for business.
“The objective is to guarantee that the emails are encrypted, avert data leakage due to attachment viewing on the device, prevent malware from accessing business directory, and segregate work email from the personal inbox,” noted Dheap. “Some MDM solutions employ OS capabilities (i.e. iOS’ managed profiles) and E-mail syncing protocols (i.e. Microsoft (News - Alert) ActiveSync) to provide E-mail management but support is not consistent across platforms and without app-level controls it is hard to prevent data leakage of E-mail attachments.”
Secure mobile browsers for connecting with a corporate intranet act as another method.
Mobile apps are gaining currency both for ease of use and as a good way to manage field deployment. Dheap recommends incorporating security as early as possible in the app lifecycle for businesses that develop apps. A mobile application platform (MAP) can provide disparate mobile development teams core security features and capabilities that can be reused in each app without requiring the developers to have significant security expertise.
For collaboration, secure containers should be considered. Secure containers encapsulate all the enterprise apps including E-mail, calendar, contacts and secure browser.
“Data from the work zone is prevented from leaking into the personal zone and content from the personal zone is inhibited from diffusing into the work zone,” wrote Dheap. These containers are referred to as mobile application management (MAM) solutions.
“MAM solutions allow for policy based governance of specific apps or subsets of enterprise apps. There are parallels to MDM features, but in the case of MAM those features only apply to the container and not the whole device,” he added.
Finally, mobile access control should not be overlooked by IT departments working on a full mobile strategy. Risk should be computed every time a mobile interaction is initiated because the context may be different, according to Dheap. The risk can influence the authentication scheme to employ the features of an app that are authorized for a specific user in a specific context.
“With granular mobile access control, an organization can more effectively convey to the user the reason for added security and inculcate security best practices in its users,” he wrote.
Edited by Carlos Olivera
Bring Your Own Device (BYOD)
Enterprise Integration Service (EIS)
Magic Quadrant for Mobile Device Management Software Mobile Device Management helps enterprises manage the transition to a more complex mobile computing and communications environment by supporting security...
Market Overview: Cloud-Hosted Mobile Device Management Solutions And Managed Services This report is part of a series to help I&O professionals understand the MDM vendor landscape and develop a short list of vendor solutions for further evaluation.
Market Overview: On-Premises Mobile Device Management Solutions This report is part of a series to help I&O professionals understand the MDM vendor landscape and develop a short list of vendor solutions for further evaluation.
Vendor Landscape: Mobile Device Management Mobile technology is invading the enterprise. A business's mobile management strategy is no longer about issuing a fleet of identical corporate-owned BlackBerrys to employees, then managing them from the central hub of Blackberry Enterprise Server (BES).
AirWatch AirWatch provides a comprehensive mobile security, device, application and content management solution to simplify mobility across multiple device types and mobile operating systems into one single console.
AirWatch for Apple AirWatch provides industry-leading solutions for enterprise-wide iPhone, iPod touch and iPad deployments. AirWatch secures, monitors, manages and supports iOS5 devices throughout their entire lifecycle.
AirWatch in Education Schools and universities are leveraging the latest mobile technologies in innovative ways to improve learning, teaching and communication across students, faculty and staff.
Related content you may also be interested in…