subscribe: Daily Newsletter

 

Poor security a threat to mobile strategies

0 comments
Of all the reasons for implementing a corporate mobile device management (MDM) strategy, protecting and managing corporate data is undoubtedly the most pressing. Yet, device and content security is probably the one area where companies are falling terribly short.
This is the opinion of Dries Morris, the operations director at Securicom, a maker and implementer of an end-to-end range of managed IT security services for companies in Africa.
“The massive array of mobile devices and operating systems, particularly in organisations that have embraced a ‘bring your own device’ mobile strategy, makes it incredibly difficult for companies to implement and enforce adequate security to protect corporate data stored and shared on employees mobile devices.
“Inadequate mobile device security is not only a threat to an organisation’s IT and data security, but it is also a threat the success and sustainability of the mobile strategy. Controlling applications is just the tip of the iceberg.
“There are a host of threats that must be considered and appropriately addressed, with data loss prevention, mobile malware, access control and device decommissioning being among these,” says Morris.
Citing from Gartner research, Morris says not all MDM solutions provide device encryption if it is not natively supported on the device and that some tools do not allow for the implementation of functions such as over-the-air (OTA) software upgrades and certificate-based authentication.
Furthermore, when it comes to Android devices, many MDM vendors offer generic support using a communication framework. However, this framework cannot be used to support and secure Kindles.
“Some MDM solutions also fall short in areas such as restricting the download and use of potentially-malicious apps and games on devices which are used for work purposes, the encryption of data in transit as well as data at rest, and features for the enforcement of data leakage policies.”
To ensure optimal security and compliance with corporate IT security policies, Morris says an effective MDM solution must provide for:
* Password enforcement;
* Device lock;
* Remote lock down or wipe-clean of lost or stolen devices;
* Data encryption;
* User authentication/access control;
* Anti-virus;
* Firewall;
* Device monitoring;
* Remote enforcement of security upgrades;
* Application control;
* Support for different types of devices and operating systems; and
* Data loss prevention/enforcement of data leakage policies.
According to Morris, Zenprise MDM tools, which Securicom offers as a cloud-based service to companies through an agreement with Blue Turtle Technologies which has the agency to distribute the technology in southern Africa, offers perhaps the most comprehensive and robust security features across the broadest range of mobile devices.
Early in June 2012, the company announced an expanded set of security and management capabilities for Android-based smartphones and tablets, as well as support for the Amazon Kindle Fire.
Zenprise protects the mobile enterprise end-to-end with the industry’s easiest-to-use mobile device management solution. Moreover, Zenprise enables additional security for Android devices covering both BYOD and corporate-issued Android use cases.
Zenprise boasts advanced security features such as Mobile App Lock, which stops users from launching malicious or non-compliant apps on their devices, secure encryption of network traffic, encryption of data at rest, and mobile data loss prevention.
“There are few MDM technologies available that offer such a strong set of security features. Before spending thousands of rands on a solution, companies must carefully evaluate whether the technology can adequately address their security requirements. Choosing a tool that can’t is counterproductive because security, rather than productivity, should always be the key consideration in a mobile strategy.”