Mobile devices – the weakest link of enterprise security?

The concept of mobility has changed completely in recent years. The mobile enterprise is not just a business that optimises its website for mobile devices, nor is it one that allows its employees to work from home every so often. True mobile enterprises place mobility at their core, transforming their operations, engaging better with customers and partners, while all the time creating innovative, mobile-centric business models that benefit the bottom line.

Share

The concept of mobility has changed completely in recent years. The mobile enterprise is not just a business that optimises its website for mobile devices, nor is it one that allows its employees to work from home every so often. True mobile enterprises place mobility at their core, transforming their operations, engaging better with customers and partners, while all the time creating innovative, mobile-centric business models that benefit the bottom line.

As windows into the mobile enterprise, the security of mobile devices (whether smartphone, tablet, laptop or M2M device) is critically important. Indeed if such devices are not protected in the right way, they could well represent a weak link in the armour that protects enterprise systems and data. A good example of this comes from recent Oracle research which in part looked at how well professionals look after mobile devices.

Lost and stolen

Our survey showed that mobile devices are being lost and stolen to a fairly alarming degree – especially by the young. We found that a whopping 73 percent of workers aged between 16 and 24 admitted to having lost their mobile device at least once. Additionally, 52 percent owned up to having had their mobile device stolen on at least one occasion. The research also uncovered a generational trend: among 45-54-year-olds, device theft was reported at just 20 percent and losses at 36 percent.

The loss of mobile devices should give businesses real cause for concern.

Mobile enterprises are agile and productive precisely because they enable access to a wide array of mission-critical systems and data. The worry is that if a mobile device falls into the wrong hands it could be used to access these systems for malicious reasons. With data breaches, hacks and other cybercrimes making headlines every day, concerns over mobile security are rightly high up on the business agenda. These concerns should not, however, stop businesses moving as quickly as they can towards mobility. It means only that they should do so in a way that places security at the heart of everything.

Protecting the enterprise

If the mobile devices that are being used by employees are owned by the enterprise then much of the risk we have just discussed can be mitigated. Businesses can lock down the devices; ensuring that they are password protected and, in case of loss, sensitive information remotely deleted.

However, many workers will be put off using a device at all if it is not one they are familiar with or have played a role in selecting, especially if the usability of the device is hampered by heavy-handed security measures. The danger here is that they will instead use their personal device for work purposes. If the IT department does not know they are doing this, it cannot secure the device and the enterprise could potentially be vulnerable.

With our survey showing that 70 per cent of workers already use their personal mobile devices for work this is a challenge that business must act on now. For a truly mobile enterprise, businesses need to arm workers with the devices they want (preferably their own) and that have compelling, simple user interfaces.

COPE Vs BYOD

One solution to this challenge is COPE. A COPE (Corporate-Owned, Personally Enabled) approach is where the business allows employees, in collaboration with the IT department, to choose the devices and applications they use for work. For many businesses this is a perfect mobile solution as it brings huge productivity benefits while ensuring that IT can maintain control of devices.

Alternatively, businesses may be willing to embrace the trend of BYOD whereby employees are allowed to use their personal mobile devices for work. BYOD can offer significant savings on procurement and network costs in addition to productivity benefits.

To date, businesses employing a mobile strategy have tended to use traditional mobile device management (MDM) platforms to secure the device. The main problem with MDM is that it infringes on one of the key elements of a successful mobile strategy – usability. MDM technologies interfere with the usability of mobile devices by slowing down the user experience. This hinders productivity and can frustrate the user, in worst cases causing him or her to stop using the device altogether.

Find your next job with computerworld UK jobs