Enterprise Mobility & Connected Devices Blog

Comprehensive Mobile Security Management Strategy-Foundational and Required

As demand for and usage of mobile devices continues to expand across organizations, so too has the need for effective protection of confidential data and communications. This capability is critical in enterprise environments where mobile devices are frequently out in the field and not in a fixed location—essentially, wherever a mobile worker goes, so goes critical personal and potentially sensitive data.

While many corporate IT organizations are well equipped to deploy enterprise mobility solutions—the security and device management elements of these solutions are becoming more critical. ISV continuing to sharpen their mobility focus, along with expanding mobile application scenarios, and the fact that the "bring your own tech" trend has persisted, has added complexity in securing a multi-OS device landscape (an increasingly standard mobile deployment characteristic).This is not only expanding the mobile device threat environment in terms of the sheer number of users, but in penetration into corporate IT environments. As mobile applications continue to a become more sophisticated, and integrated with enterprise applications and ERP suites, the amount of private corporate data being stored along with, email, and other sensitive information is increasing, and can cause reputational harm to the business.

Physical loss of mobile devices will always be a significant threat; the potential data leakage that can result from device theft and/or loss poses a significant threat to an organization. This has made the need to possess the ability to remotely locate and lock and/or wipe lost or stolen devices a requirement. In fact, security management has become foundational, and a requirement for organizations of all sizes that are using mobile technologies in their day-to-day activities.

In this vein, organizations that are planning to deploy or expand their mobile workforces must incorporate a mobile strategy into their broader corporate strategies. There are several strategic approaches available for securing a growing mobile workforce that can be effective and can scale as deployments expand—a combination of these approaches can be very effective:

  •  Internal IT: Consider investing in hiring personnel with subject matter expertise in enterprise mobility deployments, and/or train their existing personnel. Organizations with smaller deployments and Microsoft technology platforms can leverage bundled software, such as Activesync for simple and basic device and policy management
  • Enhanced Device Management: Utilize software and services from security and device management software vendors for enhanced/more sophisticated control of company-issued mobile devices.
  • Sandbox / Virtual workspace: Segregating corporate and personal data can improve security on the device, and prevent malicious use of data residing on the mobile device by applications.
  • Risk-Based Management: Implementing mobile policies and practices that restrict corporate access of mobile devices with “high risk” factors (such as out-of-date security policies and unauthorized mobile applications).

The security and device management software category is one of the most mature within the mobile ecosystem, as these software solutions have been widely deployed in organizations with large rugged mobile device deployments. The need for the solutions that market leading security and device management ISVs bring to the market is well established, as these solutions have been helping organizations secure their mobile device deployments, mitigate risk, and lower the costs structure associated with managing their mobile workforces. The challenge moving forward for security and device management ISVs and for corporate IT organizations, will be to ensure that their solutions are unobtrusive and consistently deployed/administered.