The rise in use of mobile and BYOD technology is great when it comes to giving employees any time, anywhere access to data. But it presents new challenges for IT departments in terms of keeping data safe and secure across enterprise networks and mobile platforms.
In a recent Dell Global Security Survey BYOD was highlighted as a root cause of security breaches. Of those polled, 57 per cent ranked increased use of mobile devices as being a top security concern in the next five years. Part of the problem is employee resistance as people find workarounds to avoid restrictive security policies. An ever increasing choice of device types and different operating systems can also add to security risks. To help companies gain maximum benefit from mobile device usage whilst keeping data secure, Dell has come up with five best practice recommendations for enterprises.
1. Build an optimised network infrastructure for BYOD
By creating a distinct BYOD network organisations can manage bandwidth demands and ensure that personal devices and mobile apps are validated before they're allowed to connect. A master security policy can allow access to corporate information and parts of the main network from mobile devices, while helping to ensure that no information leaks out through personal devices.
2. Set up a remote access policy
Secure mobile access is essential to safeguarding corporate data. Companies need to insist on a strong PIN or password as a first line of defence should a device be lost or stolen. Secondly, companies need to use secure mobile access solutions that use context-aware authentication, network access controls and a virtual private network to allow only authorised users, apps and devices access to corporate resources. A secure mobile access solution with these capabilities can reduce the risk of compromised devices or the use of mobile apps that could act as a conduit for malware, as well as preventing data theft.
It's also important to educate employees on risky behaviour such as using Wi-Fi hotspots without a VPN connection. IT departments need to use device management to ensure that OS updates and patches are installed to keep devices secure too.
3. Encrypt data stored on devices
Adding encryption to mobile devices is an effective way of preventing data loss and theft. Organisations can centrally administer encryption policies based on users, groups and data sensitivity.
4. Use secure containers
Containers offer an effective way of separating personal and enterprise apps and data, helping to safeguard corporate information. By downloading a simple app with the container, employees gain access to the productivity and collaboration tools needed on their preferred devices. At the same time they protect their privacy and keep personal data from being accidentally wiped by IT.
5. Use identity and access management
Companies need a unified approach to accessing corporate data and systems. This should include an access control policy, separation of duties, and a single sign-on. A well-executed identity and access management policy can help with compliance by shifting responsibility to line managers who know what access should be available to staff.
"Securing the enterprise workspace is a daunting task, especially when you consider how the growing adoption of mobility and BYOD contributes to vulnerabilities that can lead to breaches," Neal Foster, executive director, Mobility and Integrated Solutions at Dell says. "Following a set of proven best practices, backed by flexible, proven mobility solutions, is the ideal way to accommodate an ever-expanding array of device types, platforms and enablement strategies while improving employee productivity and ensuring that vital corporate information and systems are safe and sound".
More about Dell's own Enterprise Mobility Management solutions can be found on the company's website. And for more on BYOD, check out our closer look at BYOD security: How concerned should you be?