Mobile explosion in the enterprise: how secure is your business?

The Future of Work: Part 3

BYOD mobile data

The new, complex multi-screen enterprise IT environment presents a large security and management challenge for IT in terms of keeping track of data, and securing against malware.

There are always three main points at which data is vulnerable – the network, the endpoint and the application – and the spread of consumerisation multiplies the number of vulnerability points.

Businesses are finding it tough to get to grips with this environment. For example, 62% of those employees who use their own devices at work do not have a corporate IT policy governing that behaviour, and are looking for solutions that help make it easier to manage - securing and monitoring all different devices and applications from a single pane of glass.

This has been a difficult task in practice, with mobile devices requiring different management systems to those used to manage the range of PCs and servers that businesses have traditionally used.

Casting a wide security net

A fast growing market has sprung up around the need to manage and secure mobile devices, offering features such as remote lock and wipe and application provisioning, but the goal for most vendors in this space will be to work toward a solution that manages the whole endpoint estate within an organisation.

Some of the vendors coming from a more traditional ITSM background are edging towards this goal, combining mobility management features with PC and server management, but it may still be several years until there is widespread usage of single solutions that allow IT administrators to manage all devices and applications from a single pane of glass.

Part of the challenge for enterprise IT in managing this multi-screen environment is that each operating system and device type has different capabilities, features, and methods of management.

Many devices built with consumers in mind are also unequipped with the security features that are required in an enterprise context. For example, the ability to encrypt data on the device and communications over the air, or remote tracking, lock and wipe capabilities.

The benefits of baked-in security

So, if employees are buying and using devices that have security features built in out of the box, such as a secure container or separation of work and personal profiles, like Samsung Knox or BlackBerry Balance, it answers a significant part of the IT management challenge.

Businesses would have to consolidate on a single type of device for it to provide the whole answer, and in a world of huge consumer choice that is an unlikely scenario in most organisations, but the more employees using these pre-secured and manageable devices the better.

In addition, the ability of smartphones, tablets and laptops to capture biometric data such as iris scans or fingerprints, create new opportunities for authentication factors that can help make data security stronger, but also create a less disruptive and time-consuming experience in the workplace for employees.

As various devices, online services and applications become an integral part of daily life for consumers, the workforce as a whole is becoming more tech savvy and able to find or suggest their own ways of working.

Employees and their line of business managers naturally have a more intricate knowledge of their everyday working processes and how they might be improved through mobile, flexible practices.

Unity needed between IT and business

This means that the fundamental role of the IT department has to change: it is now about embracing innovation from around the organisation and enabling it as far as possible, while maintaining the required levels of security and central management.

IT must align with lines of business to establish which devices and applications will improve processes and make employees more efficient and productive – it is getting harder simply to centrally mandate which applications every worker should have access to.