Mobility has transformed the way that we work, communicate and socialize.
In today’s mobile enterprise, the lines have blurred between personal and corporate assets, and IT organizations are responsible for much more than simply protecting corporate-owned devices. Increased mobile reliance, BYOD and employee cloud application usage have consequentially begotten higher security risks. With these new trends and the vast amount of apps available, your enterprise data is especially vulnerable to rogue apps and malicious websites. In order to protect your corporate assets, consider a Mobile Device Management platform like MaaS 360.
Mobile Data Security: Finding the Balance
The terms Data Leak Prevention (DLP) and Containerization are beginning to dominate the mobile device management conversation. Great strides have been made in recent years to provide the tools and solutions that offer management and security for mobile devices. Whether this be for corporate owned devices, or for those that employees own.
Prudence dictates that you look for ways to supplement your mobile device management (MDM) solution. For example, more robust security controls to help secure and protect sensitive data from being distributed to unauthorized third parties, either inadvertently or maliciously.
Understand Your Goals
As you research technology, you will discover different approaches. These approaches have different strengths and weaknesses, but the first task is to understand your goals. You will need to balance your company’s tolerance for risk related to securing confidential data with providing a productive, simple user experience as you develop your goals and approach profile.
Mobile Data Security is typically the top priority when organizations implement BYOD. Enforcing a passcode and encryption, as well as the ability to wipe the device if it is lost or stolen, are common features of an MDM platform. However, additional security measures are also available with MaaS 360. Restricting copy and paste, screenshots, and blacklisting (or whitelisting) apps (Facebook, YouTube, gambling sites, etc.) and even limiting access by time of day are options.
Infections to mobile devices continue to accelerate with an increase of 25 percent in 2014, compared with 20 percent for 2013 – an estimated 16 million mobile devices are infected by malware at any given time.
Motive Security Labs Malware Report, H2 2014, Motive Security Labs
Organizations should consider the following mobile security activities:
- Educate employees about application security. Educate employees about the dangers of downloading third-party applications and the potential dangers that can result from weak device permissioning.
- Protect BYOD devices. Apply enterprise mobility management capabilities to enable employees to use their own devices while maintaining organizational security.
- Permit employees to download from authorized app stores only. Allow employees to download applications solely from authorized application stores, such as Google Play, the Apple App Store and your organization’s app store, if applicable.
- Act quickly when a device is compromised. Set automated policies on smartphones and tablets that take automatic action if a device is found compromised or malicious apps are discovered. This approach protects your organization’s data while the issue is remediated.
Separate Work Data from Personal
When rolling out a MDM platform, employees tend to be concerned with their privacy. Will my company have access to my personal emails, texts, and pictures? Can I still use Facebook when I’m not working if the app is blocked on the corporate network? With MaaS360, you can create independent user environments to separate “work” from “personal” data and experience on mobile devices. This method is known as containerization.
Think of this as a completely separated “sandboxed” area, where only certain activities can occur. Because all work activity is performed in this sandbox, the user will not be able to use the native email client (i.e. iMail). Instead, they will have to use the email, calendar, and contacts functionality provided by the software inside the container. When an employee leaves, or if the device is lost or stolen, a selective wipe ensures that only corporate data is removed from the device – personal data stays in tact. When not within the MaaS360 container, the device resumes to the native OS user experience.
It is important to help your user base understand the importance the solution provides to the organization in meeting its data security goals.
Whether you have an internal IT team that manages your MDM, or if you outsource, the ability to manage your mobile devices from a central platform increases efficiency – and also eliminates headaches. Enrollment with MaaS360 is Over the Air. From resetting passcodes, wiping devices, and running reports can all be done remotely within a portal instead of manually having to touch each mobile device.