It is no secret that employees are bringing their own devices to work and accessing the organization’s network. Bring Your Own Device (BYOD) is arguably one of the greatest challenges that IT departments face today and rather than sticking their heads in the sand, many are attempting to weigh the pros and cons of this trend.
So how should an organization start to flesh out their mobile security strategy? With mobility top of mind with our customers, this is a conversation that we have often and these are the best practices that we suggest:
Don’t think of it as a point solution.
If only it were that easy! Yet, your mobile security strategy can’t be defined by purchasing a single point solution. For example, while network security (i.e. VPN) is part of the solution, it is not ‘the’ solution to BYOD. A mobile strategy must be multi-faceted and address many vectors of attack, manageability and scalability, and reduce residual data on the device.
Mobility is no longer IT dictated; it is user dictated.
This is a concept that organizations must wrap their head around. Typically, corporations purchase only 20% of the mobile devices that are used within their organization, according to Gartner. The other 80% of devices connecting to the network are purchased by the employee. Across an organization, this accounts for hundreds of device types, brands and platforms. IT departments must have a solution to address this type of diversity.
Smart device security is essential.
Not only must a strategy take into account the wide array of devices available and how to effectively manage them, but it must be able to secure each of these devices in a meaningful way. Incorporating smart features allows IT departments to remotely wipe and lock a device in the event it is lost or stolen.
It’s not just the software, it’s the hardware.
The bad guys have realized that if they can access the hardware, they can control the device and gain access to the software and the data on your device. As BYOD grows, so does advanced persistent threats where attackers go below the operating system and download root kits that will control the hardware. It is important to protect at the hardware level as well as at the software level.
App security is a necessity.
The number of applications available to download is growing every day and each one can pose a risk to your network. Organizations need to consider creating their own app stores where they can test and control the use of apps on the network and create specific policies around approved apps.
Reducing residual data.
Virtualized desktop infrastructure (VDI) can help control the amount of data that is stored on a device. By storing information on a centralized server in the cloud, the amount of data that is stored on an actual device is minimized. This means that if a device is stolen or lost, the risk of sensitive data being compromised is reduced because less data is stored on the device.
Mobility is going to be a topic of discussion for years to come and creating a comprehensive mobility strategy is essential to managing the BYOD trend. If you have other best practices that you’ve seen success with, please drop us a comment below.
