How important is Mobile Security for Enterprises?
Here are the facts and issues around how enterprise users are using mobile devices:
- Email continues to be the killer app for mobility. Employees expecting to get their email just about anywhere drive the use of smartphones and now tablets.
- Enterprises users are finding other use cases for mobile devices, including everything from applications for day-to-day activities to SharePoint access.
- Enterprises are struggling to create a policy that addresses consumerization. Lack of a stronger policy for mobile users is driving requirements for risk management for mobile devices because the greater the mobile connectivity, the more options exist to limit the information actually stored on the user’s device.
- BYOD, or the idea of employees using their personal devices for work, is currently seen as something that is inevitable by enterprises.
- Configuration may sit between the help desk technician and the user. These factors can prevent IT from accessing the user’s machine using traditional remote control tools.
- More and more enterprises are using phones as an alternative to specialized authentication tokens for remote access to enterprise networks, as well as for online banking and similar services.
- Authentication is being done using either one-time-password software tokens for smartphones or out of band (OOB) authentication via text messaging or automated voice calls
- Mobile phones and tablets will overtake PCs as the most common Web access device worldwide during the next year or two, and the value of a phone as a token is used as an authentication credential. For many medium risk use cases, this will be good enough, but for higher-risk use cases, something else is needed.
- While the availability of device-embedded biometric authentication in mobile phones remains low and inconsistent, server- or cloud-based biometric authentication products can exploit phones as capture devices for face and typing rhythm.
From these above facts its quite clear that every enterprise needs to have a strong mobile security strategy to protect its user’s identity, their data and their mobile devices.
I will explore the challenges around mobile security in details in the coming blogs.