The Fifth Step to Enterprise Mobility: Defending Your Data
This is the fifth post in a blog series featuring Vine-format videos focusing on the “Six Essential Steps for Unleashing the Power of Enterprise Mobility”. The first blog post discussing how to build a mobile structure can be found here. The second blog post highlighting the benefits going virtual can be found here. The third blog post focused on preparing enterprises for the division of devices can be found here. The fourth blog post focused on creating an app checkpoint can be found here.
In a 2012 survey of IT executives and CEOs, nearly half of the companies that permit mobility and BYOD reported experiencing a data or security breach as a result of an employee-owned device accessing the corporate network. In addition, security concerns continue to remain a key issue for decision makers looking to deploy additional mobile solutions such as enterprise mobile apps, according to a recent article from IT Pro.
Careful planning can help enterprises manage security concerns and harness the power of mobility. Here’s a brief checklist to help organizations secure devices, data and the network:
1. IT Pushing of Capability Down to End Devices
IT needs to be able to push capabilities down to end devices and access control for both on-premises and off-premises apps, while providing pull capabilities for users, so they can self-provision apps.
IT must have the ability to apply situational control policies (for example, for disabling cameras on mobile devices in order to protect on-premises company assets when employees and guests are on corporate premises or in restricted areas). Another must have? The ability to remotely locate, lock, and wipe devices should there be a theft or if an employee leaves the company. It is also essential to be able to automate geo-specific policies to control roaming costs when workers are out of country.
2. Partitioning of Personal Data from Corporate Data, History, and Logging for Business Communications Only
Because BYOD devices will also be used for nonbusiness activities, IT must be able to partition personal data from corporate data and enable access to personal apps without compromising business access.
For compliance (audit) purposes, IT also needs to be able to maintain history and logging capabilities for business communications without imposing these requirements on personal communications. It is important to obtain good visibility into how many mobile devices are on the network, how those devices are being used, and by whom to make sure of high quality of experience.
Our experience has shown us that these types of capabilities require unified policy management across the entire organization for both business and technical domains, including information security policies, legal requirements, human resource policies, government standards and regulations, industry standards and regulations, internal corporate regulations, workspace resources, and vendor management.
For more information about creating an application strategy and additional steps to consider, check out Cisco’s whitepaper, “Six Essential Steps for Unleashing the Power of Enterprise Mobility.” Stay tuned for my next post that will discuss final step enterprises can take to unleash the power of mobility.