You are here


Mobility changes how we do business – allowing a freedom to work anywhere, anytime – and whilst it certainly has its benefits, it can also pose a business security threat if not done correctly. Security behaviours are typically lower on mobile devices compared to desktops, making the threat of data loss, security breaches and regulatory compliance violations real. Make safeguarding your mobile workforce a top priority and understand the rigorous standards you can undertake to minimise risk, while ensuring agility and productivity.

Securing Corporate Data

Hackers can exploit weaknesses in connected Wi-Fi networks, mobile phone networks, and cellular data protocols to eavesdrop on data transmission, or to hijack users’ sessions for online services, including web-based email, and gain access to an entire corporate database. Mobile malware threats, device attacks, and communication interception are common ways for hackers to attempt to gain control and steal data from a device, spread to other devices, or attempt a distributed denial of service (DDoS). Insuring the integrity of corporate data is, therefore, paramount for any mobility strategy.

Separating Work and Personal Data

Depending on the mobility strategy, employees may be using their mobile devices for both work and their personal lives. BOYD especially, where employees use their personally owned devices in the office and access corporate data with them, can be an issue as there is little control over things like security, reliability, and compatibility. Subsequently, the IT team need to ensure enough control over the location of sensitive work-based data, while maintain a distance from personal data.

Enforcing Mobile Policies

Whilst documented security protocols should be in place, updated, and shared regularly with employees to ensure they are aware of and use protection measures, this reliance on employee compliance is tenuous at best. It only takes an employee who doesn’t understand or care about the importance of maintaining security protocol, or to act maliciously, to accept risk. Consequently, the ability to enforce mobile policies is of high importance.

Creating a Mobile Security Strategy

There are several layers to a good mobile security strategy that can keep your data assets secure and reduce the risks posed by enterprise mobility. Implementing threat protection layers, robust mobile policies, and continuous monitoring and management can address the above challenges and the related legal, privacy security requirements associated with use of diverse mobile devices. 1. Threat Protection While employees may be educated not to download suspicious software, apps, documents or even click on malicious links, it is critical to install security suites across all mobile devices. Protect devices by using intrusion detection and prevention systems, vulnerability scanning and application blocking and data loss prevention software. 2. Device, Content, and App Management Enterprise mobile device management systems allow your IT team to take control of all devices and data in a mobility environment. This includes enabling the IT team to: Install remote updates automatically so that the security software remains current Remotely data backup for easy recovery of data and wipe contents of lost or stolen devices Automate policy enforcement of network attached mobile devices that operate inside and outside the firewall. Enforcing security of the device, content, and apps can occur through: Mandatory encryption at a disk level for devices connecting to or holding company data PIN or access code and automatic lock screens for devices Security layers such as two-factor authentication for app processes to ensure added account protection Only authorised app store downloads allowed 3. Network Access Control NAC tools can inspect mobile devices connected to the network to make sure they are up to date with the latest security patches and download updates automatically, before allowing the device to connect. It is necessary for organizations to track and keep tabs on the locations of all outdated devices that may still have access to data. NAC is important in the onboarding and offboarding of devices from wireless and wired corporate networks.