In the modern enterprise era every business is now mobile.
We are all staying connected to work with mobile phones, tablets and laptops. Employees are also using personal devices to access corporate data and this can put their organisation at risk when passwords or devices are lost.
Cyber criminals know this is happening and they are trying to benefit from these trends by introducing more sophisticated ways to use mobile malware to cause as much damage as possible.
These threats need to be managed while at the same time allowing users to benefit from this new mobile technology that makes the working day easier. Sophos looked at how a business can provide flexibility but also protect its networks and corporate data. Here they share their 3 key steps to successfully secure your mobile workforce:
Three Steps to Managing Today’s Mobile Risk
The task of Enterprise Mobile security really boils down to three basic needs: Protecting the user and device; protecting the access to enterprise’s network; and protecting an enterprise’s data. And of course, most importantly, we need an easy to use solution that lets us accomplish our goals with available resources.
Step 1 – Protect users and devices
As we have seen, today’s mobile user depends on their smartphone for organising both their work and personal life. The division between work and personal identity is blurry. Therefore, organisations must step up and fill gaps where users and their constantly on, constantly on the move and ever more powerful devices leave the organisation vulnerable. Protecting users and devices means:
- Implementing good password policy.
- Ensuring that users take advantage of native lost device and wipe device features.
- Providing Self Help tools for users to reset their own passwords and reduce the burden on IT.
- Assuring that effective and current anti-malware software is installed and active on all devices (especially Android). Protecting users and their devices is the first key step to securing our mobile workforce.
Step 2 – Protect the Enterprise Network
Mobility and mobile devices go hand in hand with Wi-Fi access to both corporate and public networks. Managing these connections and the data that flows over them is critical to managing mobile security risk. This requires good network AND device security is in place. Protecting the network requires.
- Establishing and enforce Wi-Fi network access policy.
- Restricting access to the network to compliant users and devices.
- Restricting unwanted or risky applications from accessing the network.
- Securing access to frequently used and approved mobile applications and websites through the use of a corporate browser solution.
- Protecting the network provides a second layer of defense in our 3-step strategy.
Step 3 – Protect Corporate Data
Once we have protected our devices and networks, the next step is to protect critical corporate data. Data moving to and from mobile devices, as well as data on the devices themselves, creates risk that must be managed. A lot of valuable data passes through our mobile devices when we engage in email and other collaboration services such as file sharing and discussions. Many users also move confidential files to public file sharing sites like Box and Dropbox.
To protect business data we must:
- Ensure that email, file sharing and other collaboration and information exchanges take place in secure application “containers” and workspaces.
- Protect applications that support key business processes like order management, customer support, finance, sales and marketing, and product development.
- Enable encryption of important files when they are accessed and shared on cloud storage services like Box, Dropbox and Google Drive. Protecting our data is the 3rd key step in our approach.
Sophos Mobile is the EMM solution for businesses that want to spend less time and effort to manage and secure mobile devices. Manage mobile devices with the easy-to-use, web-based, unified Sophos Central admin interface alongside endpoint, network, or server security from Sophos. With its best-in-class data protection, comprehensive security, value-for-money, and flexible management options, Sophos Mobile is the best way to allow the use of mobile devices for work, keeping users productive, business data safe and personal data private.
For more information about incorporating Sophos Mobile into your security solution contact the DNA IT Solutions team. We work with Sophos tools to help keep our clients protected.