Don't Forget to Wipe
Q: How do I manage the growing number of mobile devices in my business and keep my network secure?
In the early aughts, companies handed out BlackBerrys like they were ballpoint pens. If you were a worker going mobile, you were going to do it only on your employer's terms, with a device owned by the company and access to corporate data dictated by the house IT manager. That made keeping tabs on business mobile devices easy.
The homogenous network with only corporate-issued devices is already a relic. Business mobile usage has been visited by a consumerization trend, with employees using all manner of personal mobile devices while within the business and to access corporate data when they're out and about, says Jeff Wilson, principal analyst for security at Infonetics Research.
"You may see companies enabling employees on iPhones for corporate access, but for a lot of people it may not be too difficult to then figure out how to configure their personal iPad for access, too," Wilson says.
The possibility that your employees might have a business phone, a personal phone and perhaps a personal tablet device all carrying business data makes them harder to manage--and it also makes it harder to act on looming security threats. In this newly complex environment, a third-party mobile device management solution may be the answer. That might include the ability to run automatic firmware updates, diagnostics, data backup and restoration, to scan for security threats and the particularly valuable ability to remotely lock and wipe data from a phone if it is lost or stolen.
Often these solutions are offered by enterprise security companies such as McAfee, Symantec, Zenprise and MobileIron, sometimes in partnership with a mobile carrier. Costs vary and are usually based on the number of devices within a business enterprise.
That number is not always easy to determine, Wilson says, noting, "A lot of SMBs have an inventory challenge. The first thing they need to do is figure out how many devices are accessing their corporate info--which phones and tablets, and the operating systems they use. Once you get a handle on what devices are connecting, you can develop policies to deal with them."
One way to do that is to deploy a network access controller. "It's a box that intercepts traffic information and tells you who's connecting, what device types [they are using], what their authentication credentials are and if they have virus software," Wilson says.
Mobile viruses were unheard of a few years ago, but such threats are becoming more common, and the booming market for application downloads presents other dangers. Even if your business hasn't seen that type of threat yet, having a device lost or stolen just once may provide enough reason to invest in remote management, especially if that device contains sensitive corporate data.
"For a small business," Wilson says, "that may be the first time you ask yourself, 'What do I have on these devices and what is it worth? Is changing credentials enough, or do I have to wipe it?'"