This blog was written by a third party author.
With recent global health events resulting in a surprise shift to an either completely remote or hybrid remote workforce for many organizations, the need to leverage mobile devices as work endpoints has grown significantly. This has created challenges for IT in maintaining both the ability to manage a wide range of devices, as well as securing them in a way that achieves corporate security objectives and governance.
With a majority of organizations reporting being the victim of a successful endpoint attack in a recent Ponemon Institute study, it’s imperative that organizations include the securing of these mobile devices to corporate networks, systems, applications, and data. This is the basis for implementing mobile device security.
Mobile Device Security refers to the protection of critical, sensitive, and otherwise valuable data that either exists on or is transmitted to/from a mobile device that includes smartphones and tablets, . And because mobile devices are not necessarily corporate-owned, the entirety of the BYOD movement can be included.
Accomplishing this is done using a number of solutions – used either individually or in concert – to create an environment where a consistent level of mobile device security is established and maintained, regardless of the device operating system and it’s sometime limiting capabilities around conformance to organizational security needs.
Securing mobile devices is usually achieved using one or more solutions that include:
The use of such solutions helps to achieve a consistent baseline of security for corporate-owned devices.
In many cases, the only mobile device accessible to the remote worker is that of a personal device – in order to allow these personal devices to access corporate information, there are management and security policies that should still be enforced.
Unified endpoint management (UEM) plays a vital role in helping organizations establish a modern BYOD security stance. Effective UEM maintains user experience for employees regardless of device ownership, while enforcing BYOD policy.
Ultimately, UEM makes it possible for organizations to devise a more flexible and enforceable BYOD policy. And, a MTD solution will help protect against mobile threat vectors even on BYOD devices. And, by integrating the UEM solution with MTD you can provide the same automated remediation capabilities to protect your coporate data on the BYOD device as a corporate owned device if a threat occurs.
Another useful resource a business can utilize when it comes to BYOD is a virtual workspace. The use of a virtual controlled environment in which all corporate applications and data reside is often an effective means by which to extend the reach of the company’s secure operations down to a personal device that is uncontrolled and unable to be secured by the organization.
One of the other challenges with a remote workforce is the insecure wireless connectivity used by so many. Even when working from home on a personal WiFi network, the connection from the mobile device and the corporate resource is far from being verifiably secure. Mobile device security solutions can assist in providing security to wireless networks:
And once again, when UEM is integrated with MTD, business can take automated remediation steps and enforce their security policies if malicious activity occurs on a wireless network.
The use of solutions to achieve the goal of securing both personal and organization-owned devices provides the organization with a number of benefits to their cybersecurity initiatives. The specific devices used are known to IT and security teams, are configured and managed when possible, allow for security policies to be enforced, and limit access to organizational applications, resources, and data.
The end result is a balance between allowing the remote worker to be productive no matter what device is in use, while still maintain corporate security standards.
About the Author: Nick Cavalancia
Nick Cavalancia is a Microsoft Cloud and Datacenter MVP, has over 25 years of enterprise IT experience, is an accomplished consultant, speaker, trainer, writer, and columnist, and has achieved industry certifications including MCSE, MCT, Master CNE, Master CNI. Nick regularly speaks, writes and blogs for some of the most recognized tech companies today on topics including cybersecurity, cloud adoption, business continuity, and compliance.