Responsibility for an effective mobile security strategy lies with management. We have compiled the most important aspects of how you can make mobile applications more secure in your company.
First the Strategy, Then the Investment
In the smartphone market, there are currently only two relevant operating systems: iOS from Apple, which only runs on the devices of the manufacturer from Cupertino, and Android from Google, which runs on the hardware of the search engine specialist as well as on the models of numerous other device manufacturers. The available security functions are closely linked to the hardware. Performance, the available Android version, and specific adjustments made by the device manufacturer must be taken into account. Accordingly, the security strategy must be developed first to create clarity about the requirements. Only then can a decision about the hardware be made. The opposite way - buying "fancy" equipment first and then seeing how it can be secured - quickly leads to a dead end if there is no security solution for this hardware. Then all that remains is to purchase suitable equipment all over again.
Define Goals
First of all, it should be clarified what the mobile devices are to be used for: Which activities and company processes should also be available on the move? This is not a purely business question that is only about improving the efficiency of business processes. Rather, changes to previous activities can already arise here, including a change in the business model - the digital transformation is not just a continuation of the old with new means. At the very least, the options for further developing business processes should be checked and integrated into the design of mobile work processes. At the same time, this already gives indications of the required data protection, management, and security functions. Enterprise mobility management or mobile device management solutions (EMM / MDM) cover a wide range of such requirements.
The Hardware: Apple ...
With iOS, Apple offers a closed device world. Hardware and software come from a single source. Applications are only allowed from Apple's own iTunes shop. However, the manufacturer of iPhones and iPads has recognized that the previous strategy - retrofitting standard devices with an MDM profile - does not offer sufficient functionality. The Device Enrollment Program (DEP) aims to remedy these deficiencies. To use it, however, corporate customers must participate in the Apple Deployment Program (ADP), purchase DEP-compatible devices directly from Apple or a licensed partner, and use a suitable MDM solution. The iOS devices can then be fully administered at any time without the company's IT department requiring physical access to the device. The user, in turn, cannot escape this management.
... and Android-Based Devices
Google not only uses the Android operating system for its own Nexus brand devices, but is also an OS supplier for numerous hardware manufacturers. They can modify the operating system within certain limits for their own requirements. However, this also means that every Android update must be specially adapted by the device manufacturer to its own hardware - an effort many providers skip. It is still unclear for which devices the latest version, Android Oreo (version 8), with its extended security functions will be made available. In particular, Android 8 is intended to avert the danger of infected apps from the Google Play Store.
On the other hand, individual device manufacturers are working
on making the Google operating system secure for corporate use with their own
extensions. Besides HTC and Huawei, Samsung, in particular, deserves special
attention with its Knox Mobile Enrollment (KME) solution. KME
makes it possible to automatically equip the device with an MDM profile of the
company and to start the MDM application so that customer and company data is
secured.
Full Control for the IT Department
The most important element of data protection in a company is not the firewall that monitors access to the Internet or the protective software that is installed on the individual devices, but the security concept with its do's and don'ts, standards, and guidelines - the IT security policies.
They determine how employees should behave to minimize
the risk of cyber-attacks and data theft. The method of choice for
enforcing security policies on mobile devices is mobile device management. This
ensures that the IT department has full control over smartphones and tablets in
all security-related issues. Examples are:
- Control over commissioning and password creation so that the rules for creating a secure password are adhered to;
- Control over app usage via blacklisting / whitelisting, i.e. allowing and excluding certain applications;
- Control over app behavior, for example, that VPN connections are mandatory outside the company network;
- Control over data access, including locking out unsafe devices from the company network;
- Control over protective measures, such as automated updates or remote installation of new protective software.
Container - the Security Solution for BYOD
In many companies, employees are permitted to use their own smartphone or personal tablet for business purposes. This BYOD (Bring Your Own Device) concept requires that private and company data be strictly sealed off from one another. This is made possible by application and data containers. They ensure that the applications run in a protected environment and that corporate data can neither leave this environment nor be manipulated from outside.
In practice, a container initially behaves like an app that can only be accessed with a separate password. Depending on its design, it provides certain functions itself, or it presents itself as a separate user interface that enables access to other - secure - company apps.
An EMM (Enterprise Mobility Management) solution is required to
enable safe installation and continuous maintenance of the containers. This
is the only way to ensure that, on the one hand, the privacy of the user is
protected and, on the other hand, the integrity of the enclosed environment is
secured. Examples of EMM solutions are Samsung Knox, SecurePIM
Enterprise / 7P EMM, Android in the company (formerly Android for
Work), or BlackBerry Unified Endpoint Manager (UEM).
What to Do in an Emergency
70 percent of mobile device users have already lost one of their devices, and not even half of the devices reappear. This is where mobile device management comes into play: A company-owned device can be completely deleted by the IT department using lock wipe, while selective wipe helps with BYOD devices: it deletes only company data and access, but does not affect private data. Using MDM, smartphones and tablets are just as easy to restore when they find their way back, or to clone to new hardware when a replacement is purchased. Therefore, in the event of a device loss, there is only one thing to do: trigger the delete function as soon as possible to protect the data from theft and misuse, instead of waiting to see whether the mobile device is returned.