Business security in the mobility era
If you don’t have an acceptable use policy you need to create one and adhere to it
As employees come to work with increasingly more personal technology, businesses are realizing that traditional network security policies and designs may not be adequate enough to deal with the fast-paced demands of mobile needs while keeping systems’ integrity intact and security concerns at bay.
When examining and updating their corporate computer policies, businesses now need to place mobile device management (MDM), mobile application management (MAM), and bring-your-own-device (BYOD) guidelines under the umbrella.
Acceptable use policies
If companies do not currently have an acceptable use policy, or AUP, and a culture of security in place with their employees, they need to create one and adhere to it. These policies typically discuss such matters as Internet usage (including social media, music streaming and free downloads), email communication and phone utilization at work.
Usually, a policy of this kind is updated on an annual basis and all employees, including the senior management team, must read and sign the agreement. This is to ensure compliance with the policy and to grant the employer the right to totally wipe that device should it be lost, stolen or when the employee leaves the company.
Employees who decide not to follow these guidelines or neglect them all together should face consequences up to and including termination.
Having such rules in place helps organizations maintain more secure and efficient work environments. But, is this enough? What happens when employees have more than just corporate email on their own smartphone or tablet or your network extends into the cloud?
These days, not only do you need to consider the capacity and security of your wireless or Wi-Fi network due to the BYOD phenomenon but you also need to consider the security of the corporate data stored on those devices and the potential threat those devices may pose to your network.
At this point, we need to go beyond acceptable use policies and segmented Wi-Fi networks, to considering technology that can help manage the risk and security to your business from mobile devices.
MDM and MAM: What’s the difference?
Mobile device management focuses on controlling the device. At this level, you can qualify the device before letting it connect to your network, make sure it is encrypted, establish secure connections and even shut off the camera if desired.
Typically you cannot selectively wipe a device with MDM alone.
Mobile application management adds more granular control over corporate applications and data on the device. At this level and in the same scenario, you add full control over those applications and data that are pushed to the device and thus, can safely wipe only those apps and data if needed.
What needs to be considered before going down the path of MDM and MAM are the following:
• What do you need to secure?
• Which types of devices do you need to secure?
• Most importantly, how well will your end-users accept the changes?
Potentially, the biggest mistake one could make would be to lock everything down to the point that end-users refuse to use it.
Solutions like ZixCorp’s ZixOne, Citrix’s XenMobile and Microsoft’s Enterprise Mobility Solution offer a range of capabilities, from securing just Exchange data on your device, to full MDM/MAM, to multi-factor authentication and data loss prevention. The choice should be based on what best meets the needs of your business as well as your employees’ access to your organization’s data.
Today’s business and personal environments are dominated by technology and as time continues, this will only become more intertwined. The important message for businesses, small and large, is to remember that while technology is ever-evolving, one must stay on top of the changes to remain efficient and to keep data protected and secure.
In today’s world, where everything is “smart” and mobile, whether an organization supplies the device or an employee brings his or her own, controls need to be put in place to secure the information and the data being exchanged. It’s the only way to operate in today’s mobile and accessible world.
Mark Benton is a product manager at Maine-based Systems Engineering and a board member of the University of Maine Cyber Security Cluster. He can be reached at 603-226-0300 or through syseng.com.