When employees first began bringing personal devices to the workplace to use on the job, IT professionals had to make significant strategy adjustments to address the new reality.
Accustomed to visualizing security as a solid perimeter, they suddenly had to contend with a proliferation of new endpoints in the form of mobile devices operating on multiple platforms. The mobile revolution meant the way IT professionals viewed security had to change, and as mobile technology continues to evolve, IT organizations’ security stance will have to change again.
In the early days of the “Bring Your Own Device” (BYOD) era, some IT organizations tried to avoid the issue by simply banning the use of non-company issued devices on the job. But employees will almost always have access to new devices and apps , the inclination to use them, and, in many instances, enough knowledge to figure out a way to make them part of their workday regardless of policy. Policies that have been entirely based on restricting behavior usually fail to keep anyone in line. There’s no going back to the days of a solid security perimeter around the hardware: It’s just not possible to put the genie back in the bottle.
Do you like this article? You can share it on Twitter here
Companies that recognized this reality early on began adapting by putting Mobile Device Management (MDM) systems in place, establishing new operating frameworks and technologies to make sure they addressed the vulnerabilities introduced by BYOD while ensuring that the business could reap the benefits of greater productivity. But as mobile technologies evolved, it soon became apparent that focusing on the device alone wasn’t sufficient to address risks and enable greater productivity and collaboration.
The increasing use of apps complicated the security picture. Some companies turned to virtual private networks (VPNs) as a solution, requiring employees to log in from the road to access approved online and mobile assets. But trying to force employees to use cumbersome log-in processes when there are literally thousands of free, easy-to-use apps available for instant downloading is a losing battle, as many IT professionals learned the hard way.
Instead, savvy IT organizations have moved toward Enterprise Mobility Management (EMM) solutions that encompass MDM as a feature but also address app and content management for an end-to-end solution. This involves not just a shift in strategy but an accompanying shift in mindset, a recognition that IT can’t fully control everything and has to work with users to identify the apps they need to do their jobs and provide a safe way to deliver the necessary capabilities.
With an effective EMM solution, IT professionals can counter emerging hazards by identifying jail-broken or rooted devices that can threaten company data. They can work with users to define business needs and find apps that help employees do their jobs more efficiently – without compromising security. The right EMM strategy can also help IT teams distinguish between corporate and personal data on individual devices, enabling control over access to company information and preventing potentially harmful breaches caused by ActiveSync connections.
When companies move beyond MDM and embrace EMM solutions, the IT team shifts from a focus on devices toward a more contextually aware approach to security. There’s a greater emphasis on access and identity management to enable control over who accesses what data from where, and more awareness about devices, apps and restrictions. Device management becomes a feature in a more robust solution set.
As technology continues to evolve, IT organizations will have to remain flexible to ensure their companies continue to derive the greatest value from the mobile revolution. App success and a positive user experience are the essential value drivers in the mobile space, and IT teams that focus on optimizing apps and delivering a superior user experience instead of trying to shore up perimeter security deliver the greatest value, both for users and for their companies.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.