The work environment has undergone profound changes in recent years. In this context, the use of mobile equipment by employees must be rethought so that productivity and security can go hand in hand. Indeed, the notion of security is now central insofar as the attack surface is constantly expanding. Thus, protecting laptops alone is no longer enough. Smartphones and tablets must now be included. But that’s not all, the security approach deployed must follow a unique trajectory. Thus, securing mobiles will be an extension of the existing cyber strategy.
Properly securing data in mobile environments
As real information transmission hubs, mobile devices are strategic assets for companies. First, it is fundamental to conduct an audit to see how security is managed “globally” to integrate the notion of security on mobile devices by changing existing habits and uses as little as possible. The mobile network is then an extension of the local network and its associated strategies. This first step is strategic and must be carried out carefully.
Enable secure business and personal use
At this stage, several possibilities are offered: for example, it may be possible to enroll the business terminal in its entirety with a restriction on personal use or to enroll the business terminal with the possibility of personal use (segregation of the two environments). In this context, it will be necessary to segment the business and personal approaches. It will thus be possible from a single terminal to allow the employee to have a secure use in all circumstances (pro and personal) and respecting the cybersecurity governance of the company. Of course, depending on the business and the uses of the teams, it will be important to define a particular approach.
Once this step is finalized, the target device must then be tested on a few smartphones and tablets before entering the phase of massive deployment on the entire existing fleet. The mobile environments are either configured and delivered to the employees or enrolled remotely. The settings can then be changed centrally, which allows fleet managers to ensure that the defined cybersecurity policy is deployed throughout the fleet.
It is also important to note that MDM does not include tools such as anti-phishing, anti-virus, etc. It only allows you to “give access” to your data. It only allows you to “give access” or not to the Internet and certain uses. In this sense, it is important to combine MDM with access to complementary cybersecurity tools.
The security of mobile devices is therefore a strategic issue for companies and organizations of all sizes. It is in this context that they will be able to protect the data and information exchanged and stored on their mobiles.
Bruno DEPREZ – CEO of Mobility Plus