Ashar Samdani, Marketing Manager at TkXel
Security in Enterprise MobilityVirtually every study that has explored the impediments to enterprise mobility and BYOD programs cites security concerns as the primary roadblock. To understand the security risks inherent in mobile, consider that your organization has as many devices out in the world as you have employees, if not more. Assuming each of those devices has 32 to 64 MB of memory, how much information do you stand to lose, or have compromised, if that device is lost or falls into the wrong hands?
More and more devices now connect to an organization’s internal network, and also access corporate content caches and business applications. If these devices are not monitored or governed, which many are not in BYOD programs, they can hurt your company’s compliance status and expose your network to threats.
The damage such threats can do is not cheap, either. Several studies have examined the cost of mobile security threats — one study by the Ponemon Institute estimated a cost of $250 per lost record. Similarly, Symantec’s State of Mobility Survey estimated the cost of a mobile breach at $429,000 for an enterprise and $126,000 for a small business. Those figures include costs such as lost productivity, lost data, harm to the brand, lack of customer trust, and direct financial costs.
Implementing appropriate mobile security measures is clearly a business imperative, but it also requires striking a balance between risk management and productivity. Lax security measures can cause financially devastating breaches, but excessive security can smother workers, impeding their work rather than facilitating it. A sound security strategy will preserve the productivity benefits of mobile while also addressing its three major threats:
App proliferation: privacy threats and malware.
Studies estimate that smartphone users have an average of 33-60 apps installed on their phones. With each app comes potential exposure of the corporate network to malware. Even if apps aren’t malicious, privacy threats are also an issue because they have the ability to access, gather, and send your data in a manner that circumvents traditional mobile security mechanisms. An acceptable-use policy can help you control the risk of third-party apps.
Greater mobile access.
Mobility means that more devices than ever will have access to your network and corporate data. The security risks are exponentially higher when you have more devices with more access than ever before. Creating a separate, secure mobile gateway is one way to mitigate these threats; you can limit what employees access via mobile and equip the gateways with tools like firewalls and data-loss prevention tools. You can also configure devices not to connect to unsecured Wi-Fi and hide Bluetooth from discovery.
Explosion of file-sharing tools.
One of the most common mobile security solutions is the ability to lock or wipe devices that have been lost or stolen. However, that solution doesn’t protect at all against cloud-based consumer file-sharing programs. The threat of lost and stolen devices pales in comparison to the threat of data leakage from these sharing tools. For example, Dropbox and Evernote are commonly blacklisted by enterprises because they allow users to save data outside of your company network. That data is then shared with every device that is connected through the tool. Your mobility solutions should offer a viable, more secure alternative to these popular tools to keep your employees happy and your data safe.
These are some of the main factors which can account for a risk in your enterprise solution if not addressed properly. Do let us know in comments if you have faced any of these issues or if you think we missed out on anything!
Learn what are the potential security risks associated with Enterprise Mobility and how to address them. Sign up for our 30 minute free consultation at: