Mobile devices gain momentum and herald change in today’s business world. In fact, regarded as a catalyst of the Internet phenomenon, smartphones are now used by hundreds of millions of employees throughout the world to access corporate information to keep up in today’s 24/7 business world. Once considered a threat to security, companies blithely ignore the concerns, especially since employees are believed to be more productive when they can access corporate data and apps with their mobile devices.
According to Symantec’s "State of Mobility 2012" survey that gauged how organizations are coping with this trend, we have reached a tipping point in the business use of mobile devices. The survey included 6,275 organizations across 43 countries, from small businesses to large enterprises, and brought to light that most organizations make mobile application accessible or even plan to create corporate app stores for employees to download approved software. With the goal to improve business agility, efficiency and increase workplace effectiveness, Symantec states that it all comes at a price.
Organizations are aware of the potential dangers mobility can pose, rating it highest among IT initiatives in risk. They’re worried about lost devices, data loss, and malware infecting the corporate network through smartphones and tablets. However, despite these risks, organizations feel the benefits are worth it and are working hard to implement security measures to rein in these costs and keep their corporate information safe.
Symantec’s recommendations to improve the effectiveness of mobile initiatives are according to its “State of Mobility 2012" report the following:
- Enable broadly: Mobility offers tremendous opportunities for organizations of all sizes. Explore how you can take advantage of mobility and develop a phased approach to build an ecosystem that supports your plan. To get the most from mobile advances, plan for line-of-business mobile applications that have mainstream use. Employees will use mobile devices for business one way or another – make it on your terms.
- Think strategically. Build a realistic assessment of the ultimate scale of your mobile business plan and its impact on your infrastructure. Think beyond email. Explore all of the mobile opportunities that can be introduced and understand the risks and threats that need to be mitigated. As you plan, take a cross-functional approach to securing sensitive data no matter where it might end up.
- Manage efficiently. Mobile devices are legitimate endpoints that require the same attention given to traditional PCs. Many of the processes, policies, education and technologies that are leveraged for desktops and laptops are also applicable to mobile platforms. So the management of mobile devices should be integrated into the overall IT management framework and administered in the same way – ideally using compatible solutions and unified policies. This creates operational efficiencies and lowers the total cost of ownership.
- Enforce Appropriately. As more employees connect their personal devices to the corporate network, organizations need to modify their acceptable usage policies to accommodate both corporate-owned and personally-owned devices. Management and security levers will need to differ based on ownership of the device and the associated controls that the organization requires. Employees will continue to add devices to the corporate network to make their jobs more efficient and enjoyable so organizations must plan for this legally, operationally and culturally.
- Secure comprehensively. Look beyond basic password, wipe and application blocking policies. Focus on the information and where it is viewed, transmitted and stored. Integrating with existing data loss prevention, encryption and authentication policies will ensure consistent corporate and regulatory compliance.