Mobile security is a matter of huge concern for CTOs and CEOs across enterprises. It’s not just about the data risks associated with mobile devices but also legal and regulatory policies, and protocols that govern how data should be stored, transmitted and processed. On the other side of the coin, tightening security leads to usability issues that hamper productivity and annoy device users.
The balancing act between security and usability only gets harder as mobile devices become more capable, diverse and stronger. Data sensitivity is and always will be the foremost concern for IT security heads. The reputation of an organization rides on how well they secure their clients’ confidential data and assets, and the industry standards implemented for compliance in functions.
As the BYOD wave takes a stronger hold on corporate and mobile workers demand the ability to work remotely for higher productivity, IT heads have to look at ways to make this possible without compromising on security at any level – data protection, compliance adherence or legal. Some companies do this by:
- Removing network drives altogether
- Developing quantifiable risk profiles associated with email attachments, instant messaging, memory sticks, and web portals and outlining usage rules
- Disallowing local storage on devices
- Using Advanced Encryption Standard and Triple-Data Encryption Standard on the device to prevent wireless interception of data
- Encrypted storage of emails
- Remote lock and wipe
- Resetting centrally-set secure passwords periodically
- Locking after 3 or 5 failed login attempts
- Changing user password immediately on report of device theft or loss followed by remote wipe
Another solution that works well to assure security on the device is the ‘dead man’s handle’ wherein the user has to enter the password periodically or the device should be able to call home. If not, the device locks itself and sensitive data is removed remotely. Of course, though effective for security purposes, it doesn’t go well with users. In fact, users sometimes tweak this feature so they can work without having to enter the password repeatedly – creating a hole in the security net. Some companies are using smartcards and biometrics for authentication too.
IT teams hold seminars and user trainings to convey the importance of security measures to the workforce, to make them understand the need for enforcement. While usability is a critical factor for the adoption and use of enterprise apps, IT heads cannot allow it to outweigh security concerns.
Enterprise apps and security enforcement measures must go hand in hand to sustain clients’ trust. If usability is affected in the process, it’s a deal you’ve got to accept.
So, eager to learn why your business MUST take notice of Mobility ? Or want to decide which app is a right fit for your business? Download your choice !