When most business people think of IT security they think of how policies and technology can restrictive the ability to get their work done., but in the mobility space enterprises have a real opportunity to use good security practices that enable more access to applications and better data management.
In today’s mature enterprise client computing environments, most people are familiar with common security practices like passwords, tokens, antivirus software and content access restrictions. In the fast-paced mobile environment, however, businesses have struggled to keep up with new devices entering the market in addition to the thriving practice of bring your own device (BYOD) where staff use their favourite mobile handset for work.
The result of this rapid change is many applications are sitting behind company firewalls and unable to be utilised by staff who are increasingly mobile enabled with personal and company-owned devices.
One of the barriers to mobilising business apps and data is concerns around the security of the information, including access information like login credentials. The opportunity enterprise mobility presents does not need to be encumbered by fear of data breaches. With the right security technology and processes in place organisations are able to confidently deploy applications to every end point device thus enabling a more mobile workforce where staff have access to the information they need to do business at any location. This is how security becomes an enabler for mobility.
A recent study by ApacMarket.com forecast the Asia-Pacific mobile security market to reach $7.5 Billion by 2020 showing strong intention to protect information in mobile devices. According to research firm Gartner, by 2017, 75 percent of mobile security breaches will be the result of mobile application misconfiguration – a good indicator of the need for better mobile management.
One of the barriers to mobilising business apps and data is concerns around the security of the information
Device management includes data security
Like PC clients before them, most smartphones in use today are used without any remote management or security policy controls. IT managers are adopting mobile device management (MDM) solutions to bring a level of management and control over smartphone and tablet devices used for enterprise mobility.
Managing devices is only part of the equation and the focus must turn to the applications and data on the device. The refresh rate of mobile devices is very high and in the event of damage or loss they can be replaced easily. Not so any sensitive information on them.
App deployment and management, data protection, separation of work and personal environment and mobile Web policies are good practices for securing a fleet of mobile devices.
Enterprises across Asia must focus on mobile app and data management to provide an appropriate level of security amid a sea of handset technology. This approach also lays the foundation for security as a mobility enabler.
Security as a mobility enabler
With the appropriate controls in place, enterprise mobility strategies can begin to exploit the potential for bringing more applications to mobile end-points. Today’s complex enterprise architectures have many applications which are not available on mobile devices leading to missed opportunities with workers not being able to access the information they need wherever they need it.
Secured mobile devices can support containerised apps, data backups and Web access controls. With these controls in place IT managers can confidently develop or deploy a mobile application to boost productivity knowing the information within the application is secure and can be destroyed if the device is lost.
Advancements in mobile Web technology has made this interface more suitable to business applications and with the right controls in place security enables staff to access Web applications in a manner similar to an office desktop.
For example, a Web-based ERP system in use by staff with office desktops or corporate notebooks, might be deemed not suitable for mobile devices due to a poor browsing experience or a high risk of data being compromised. Mobile application and content security controls overcomes this risk.
With security controls in place IT managers can confidently develop or deploy a mobile application to boost productivity
Keeping an eye in personal mobility
As part of an enterprise mobility security program, organisations must consider which personal devices and apps and being used for work.
Tactical security controls like mobile data management can be applied to all devices – personal and corporate – and there are advantages in separating personal and business data. People are most productive with the devices and apps they are familiar with and the security of personal apps should not be overlooked and can also be a significant mobility enabler.
With low-cost devices and millions of apps within easy reach, BYOD and BYOA (apps) are becoming more prevalent in the workplace. According to research by IDC, across the Asia Pacific region mobile devices utilized under the BYOD model has accounted for 22.5 per cent of all consumer smartphones shipped in 2013.
This trend presents another case for security as an enabler for enterprise mobility. Organizations can take several approaches to personal devices and apps – from blocking them outright to allowing staff to use whatever they like. Securing apps on personal devices enables workers to be productive with what they are familiar with, but at the same time protect the information being accessed and generated.
Table : How security becomes a mobility enabler.
|Mobile security focus|
|Personal productivity||BYOD and BYOA can be huge productivity advantages but they need to be secured to minimise the business risk.|
|Mobile data management||MDM and MAM are good tactical starting points for mobile security. Management provides a platform for personal and corporate mobility enablement.|
|Mobile Web access controls||Many applications are Web based and should have appropriate access and content controls before being access from mobile devices.|
|Device features||Most modern devices have sensors, including biometric sensors, which can be used to tie in more security controls like two-factor authentication.|
|App deployment||Virtualization and containers provide a secure area on mobile devices so in-house developed or public apps can be deployed to any device.|
The native device security advantage
In addition to device and content controls offered by MDM solutions, enterprise mobility strategies should investigate the use of the various sensors already embedded in modern mobile devices.
For many years enterprises have separated access control systems from IT security systems and a fresh approach to mobile security can break down such siloes. Technologies like near field communications (NFC) allow enterprises to bring physical access control together with mobile devices in another great example of security as an enabler for mobility.
Native device sensors like NFC, motion control, Bluetooth, Wi-Fi and cameras and image scanning can give enterprises a second factor for common security processes like authentication and trusted content sharing.
Mobile devices have a lot to offer enterprise productivity and are at the forefront of bridging the IT and physical security worlds. Security is an enabler for many processes relating to mobile computing and should not be viewed as an “add on” that holds back productivity.