The evolution of mobile security poses a risk to valuable data, and while there are many solutions, the three-tiered approach proves highly popular
As more people work from home, IT is faced with the increasing challenge of balancing employees’ desire for greater mobility and choice with the need to secure company data. Whether it’s remote salespeople or high-level executives, smartphone, tablet and at-home log-ins will involve the use and storage of enterprise data, of varied sensitivity.
Those that ignore the inevitable trickle of mobile devices into the enterprise risk suffering significant fines and reputational damage should a data breach occur. A three-tiered approach to secure mobility is best: offer secure connections, protect the data and monitor devices.
Employees can get encrypted mobile access to company data on the corporate LAN through a Virtual Private Network (VPN). VPN clients exist for virtually all of the popular mobile platforms and while applications might be run locally, the data, in theory, remains ‘upstream’, encrypted and protected in the company servers. However, without an effective mechanism to ensure the data isn’t copied to a local device, VPN solutions don’t necessarily allow CISOs to sleep well at night.
A more sophisticated way to protect data and integrate mobile devices is through cloud-based multi-tenancy. The term ‘multi-tenancy’ here describes a mobile device that contains both an employee’s personal data and corporate data. Backend servers deploy services to the device and the virtualisation solution runs in its own space to keep data firmly segmented, copying nothing but the client application to the endpoint.
Mobile device management (MDM), for example Absolute Software’s Absolute Manage and Computrace, can remotely monitor smartphones and tablets.
This provides alerts of error conditions as they happen, so if a tablet is never supposed to leave a factory floor and a geotechnology alerting system indicates it is travelling to an employee’s home, an alert of a potential breach and resultant liability scenario is sent. The same technology can also flag potentially dangerous applications installed on an endpoint – and can lock, wipe, or reset an out-of-control device.
0118 902 2000