The increasing prevalence of mobile data has resulted in great security concerns for enterprises operating on multi-device systems, or with a Bring Your Own Device (BYOD) policy in place. It is challenging for businesses to decide whether the greatest value is in securing the devices that data is delivered to, or securing the data itself through methods such as Mobile Device Management (MDM). Mobile devices usage is highly favorable to end users in terms of access and convenience, but IT managers and CIOs cringe at the thought of the security risks associated with mobility and allowing sensitive data to be retrieved from virtually anywhere, any time. According to the Cibecs/IDG Connect 2012 Business Data Loss Survey, 60% of IT and executive management professionals do not feel their data is completely secure. Whereas existing security measures may suffice for company-owned and controlled devices, it is in the company’s best interests to implement new levels of control on employee devices not controlled by IT to ensure maximum data protection as opposed to device protection.
If you’ve heard that securely controlling data transmission is not possible without enterprise ownership of the device, we’d like to show you otherwise. The following examples of mobile data security best practices can give you an idea of what protocol to follow in securing data across your network and devices.
Thin client policies apply to both smartphones as well as tablets, and include OS streaming, hosted desktop virtualization and workplace virtualization. Sensitive information is processed centrally and remote devices can access this data through thin-client terminal applications using network access only. A major benefit of thin-client operation is that information does not leave the server and can only be accessed by an authorized end user. If the authorized user becomes restricted for any reason, access is immediately revoked, with the potential for a remote wipe of the entire device if company policy dictates. This strategy can ensure further security by implementing strong authentication policies, which limit actions such as host copy-and-paste operations and screen capture in addition to controlling data and file transfers. Internal and client contact data may not always be considered eligible for company security policies. In cases such as this, a thin-client data source with applied security is an ideal solution, as it ensures a contact database stays with the company rather than the phone when the end-user leaves the organization.
Mobile Thin Client Management
Mobile thin client management allows users to control which devices are permissible for company use, thereby restricting data access points. Perhaps the most beneficial feature of this strategy is that thin devices can be remotely wiped. Smartphones and similar devices may have limiting features, such as size, processing power and storage capacity, whereby only restricted data processing can occur. Where thin devices can only keep limited amounts of data, they have the unique capability to replicate data and store master copies within specified datacenters.
When implementing the thin device strategy, companies can still control security of these devices by employing mobile device platforms or other management applications, enabling security policies regarding backup and compulsory data encryption.
The aforementioned strategies focus on protecting data processing environments, but how can you protect your data directly? The Protected Data method guards the data at the source rather than the endpoint, ensuring the safety of data regardless of its location. Enterprise rights management and other such technologies directly embed access rules into documents by way of cryptography. With this method, the rules are applicable to documents regardless of location or device, allowing effective security measures for multi device environments.
This pattern also allows for “detecting, logging, and blocking” data that leaves enterprise premises. Having the capability to follow the transmission of sensitive data provides the benefit of understanding the speed and direction of information transfer and flow.
In addition to applying these strategies to mobile device environments, make sure users are aware of potential security threats and how to avoid them. In addition to securing information, users should be sure to secure the many popular applications that smartphones have. Educating users and emphasizing the security risks on their personal mobile devices can make corporate policies much more effective; by demonstrating that there is a significant and known threat to users’ personal information as well as company information, users are more likely to adhere to corporate controls. This provides a win-win scenario, protecting users’ personal info while also protecting your corporate data.