Enterprises large and small are going mobile. In fact, with BYOD (bring your own device), a wide range of mobile devices are making their way into businesses, and employees are exposing companies to security issues through shadow IT, the cloud, and the app economy, with or without their knowledge.
A new study by eBay shows that one in every four online SMBs will adopt a mobile strategy in 2015. Many businesses are now looking to get a grip on mobile and take back control of the tools and tech being deployed inside as well as outside of the company. Yet they’re all facing the same challenge—how to handle security.
With practices like BYOD becoming the norm in most organizations, the potential threat of unsecured mobile devices is increasing exponentially. A 2014 ESG research study found that a compromised mobile device was the main cause of security breaches for 47 percent of businesses. The unhindered flow of mobile apps into the enterprise poses a high risk. Gartner predicts that 75 percent of mobile security breaches by 2017 will be caused by misconfigured apps. While it’s difficult to estimate the exact cost of mobile security breaches, we do know it’s definitely less expensive to adopt a security strategy and prevent them from happening in the first place.
The biggest questions that CIOs and business leaders need to ask themselves are: What are the security gaps in their mobile strategies, and how can they fill those gaps?
MDM matters, but it’s not everything
Mobile device management (MDM) strikes us as the most obvious way to control and manage mobile devices used in an organization. However, it’s not enough to secure just the device. To compete with and control the host of security threats that are emerging, CIOs need to go beyond MDM and start considering mobile application management (MAM) and mobile information management (MIM) in order to bring the entire range of data and apps used on the devices within their control.
Separate work and private data
With BYOD in action, there is a lot of sensitive company information floating around on a bunch of different gadgets. Plus, it isn’t uncommon for one person to have a smartphone, tablet, laptop, and several other devices that connect to the Internet, all of which pose security risks. Many people use the same devices for personal and work purposes. Are they consistently connecting to secure networks? Definitely not. This leaves enterprises vulnerable to huge data leaks. Organizations need to explore enterprise VPN connectivity to keep business, personal apps, and data separate and secure.
Strategize for BYOD-turned-BYOA
BYOD is no longer just about devices. Today, the practice also applies to apps and software. Therefore, CIOs and business leaders need to plan their mobile strategies by keeping in mind the onslaught of applications, plus the different devices being used.
Locking down unmanaged services and third-party apps is hardly a solution since people will use them anyway, with or without IT’s knowledge. Plus, restricting an employee prevents organizations from taking advantage of a mobile workplace and neither practice is compatible with BYOD. Instead, the idea is to limit their incentives to use these services and apps. How? By providing IT-provisioned apps that are as job-efficient as their consumer counterparts, which may stop some of the BYOA (bring your own app).
Educate, educate, and educate some more
The next step to developing a secure mobile strategy is to make sure employees receive the maximum training and exposure to the best practices and policies in place. In fact, employee education is the keystone of a secure mobile strategy. It’s crucial to keep staff well-informed to get the greatest possible mobile endpoint security. Even the best solutions will fail if not implemented and used correctly. As businesses continue to expand their mobile strategies, educating people on the best way to protect company data will be a fundamental key to its success.
Despite all the precautions we take, in this era of growing tech challenges, we can never be fully at rest with our security strategies. Change is the only constant in the world of digital security, which means once you have a mobile strategy in place, you need to remain proactive, and look for new ways potential threats can arise and how best to combat them before they do any damage. Your mobile security needs to always stay one step ahead of this new digital workspace.
Additional Resources on this Topic:
The Perils of Shadow IT: Your Most Senior Executives Are Doing It [Ask Hillary]
Stale, Dead Apps Emerging as Serious Mobile Security Risks
The Millennial Report: Making Mobile Security Convenient is Key
photo credit: Phone security via photopin (license)
This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. For more on these topics, visit Dell’s thought leadership site PowerMore. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.
Daniel Newman is the Principal Analyst of Futurum Research and the CEO of Broadsuite Media Group. Living his life at the intersection of people and technology, Daniel works with the world’s largest technology brands exploring Digital Transformation and how it is influencing the enterprise. From Big Data to IoT to Cloud Computing, Newman makes the connections between business, people and tech that are required for companies to benefit most from their technology projects, which leads to his ideas regularly being cited in CIO.Com, CIO Review and hundreds of other sites across the world. A 5x Best Selling Author including his most recent “Building Dragons: Digital Transformation in the Experience Economy,” Daniel is also a Forbes, Entrepreneur and Huffington Post Contributor. MBA and Graduate Adjunct Professor, Daniel Newman is a Chicago Native and his speaking takes him around the world each year as he shares his vision of the role technology will play in our future.
Comments
The growth of the Internet and increase in adoption of devices has brought a new set of security challenges for enterprises. With BYOD, IoT, Mobile banking and m commerce trending worldwide, mobile security is critical. The need of the hour is to be aware and proactive towards mobile security. It’s a priority for us at Appknox(www.appknox.com).
We offer peace of mind to brand owners and the developers who create and maintain apps by doing regular security audits of their work, and alerting them to new vulnerabilities as they arise.