As you might expect, mobile data users move faster than the rest of the business world. They adopt new tools quickly. They adapt to new policies and protocols readily. They overcome obstacles with pragmatism and speed. Keeping up with the mobile workforce has kept network administrators on their toes. But looking ahead, IT departments are looking far beyond their role as fleet managers for a fringe group. They must now address the growing number of mobile users at all levels of their organization and look to provide more than simply access. They must now reach this mobile workforce through specialized services and custom-developed applications.
At the heart of all mobile activity is the paramount importance of security. As users take on multiple devices (tablets, smartphones, etc.), connect to an increasing menu of wireless peripherals (storage drives, printers, etc.) and flirt with an explosion of exciting new applications, the need to secure every endpoint has forced IT directors to reassess their entire mobile strategy and architecture.
To help you plan for the coming year, Good Technology has identified six trends that will drive mobile security issues in 2012.
Click through for six trends driving mobile security in 2012, as identified by Good Technology.
Used to be that the mobile work force was composed primarily of employees working in remote locations. But the rapid popularity of tablets means today’s mobile users include CEOs, analysts and directors who need constant access to data as they hop from boardroom to conference room. They expect the ultimate in security, but also want full-use functionality — without any lock-out features.
Many large organizations are realizing that it’s easier to develop and deploy their own secure apps for employees with off-the-shelf solutions. By deploying lots of small, low-cost apps to their workforce quickly, they can survey use and get the feedback they need to make improvements and speed updates to find the most productive mobile tools for employees. If a particular app is a hit, the developers will know it right away and can pour their investment into revisions. If the app isn’t a hit, it’s chalked up as a “fast failure” that saves the company time, money and risk.
Because bring-your-own mobile devices have become ubiquitous, the developers of consumer applications are feeling the heat to meet the highest standards of security. In applications that deal with banking, health care, insurance or highly personal and sensitive information, the expectation of privacy and protection is placing new pressures on those who develop and deploy apps.
The phrase “enhanced authentication” will become more common in mobile circles in 2012, as CIOs who view tablets as an extension of their existing desktop/laptop environment will feel the need for a consistent policy and approach to authentication. The mobile device itself will also become an authenticator in its own right, providing an alternative to smart cards and hard tokens and improving overall security by enabling location and other behavioral attributes that still respect user privacy.
By their very nature, mobile devices take corporate data to new and dangerous places every day. Wireless printers, USB drives and thousands of other connections present troublesome opportunities for the network administrator. To safeguard so many different endpoints, companies may need to revisit their mobile security architecture and create a new endpoint-independent architecture that incorporates a repeatable and defensible methodology against data loss or leakage.
The explosive adoption of wireless and mobile devices presents enterprises with unique security challenges. Suddenly, there’s a lot more leaks in the boat. To successfully monitor and manage these changes in device complexity and employee behavior, it may be necessary to divide and conquer. Instead of a lone watchdog monitoring a single mobile device management (MDM) screen, it may be time to create a cross-functional team that can oversee and double-check compliance and consistently in security policies. Companies achieve success in mobile security by generating greater awareness of security policies and procedures among their users, and involving them in the security decision process.