Your sales force needs access to your order entry system while beatin’ the street. Are they still using bulky laptops and 4G adapters to hook up, or is your modern workforce armed with Androids, iPhones and iPads? Do you provide the guns or is it BYOD (bring your own device) to reduce costs?
Depending on the sensitivity of your network and computer systems, providing access to mobile devices in a secure way turns out to be a very challenging exercise.
What’s wrong with these small glass gadgets, smartphones and tablets? Nothing, they’re awesome, but mobility creates a few interesting vulnerabilities that need to be addressed.
Related Article: How Do You Know If Your Phone Is Safe?
Ain’t No Laptop
We use our smartphones and tablets a lot—a whole lot. Some measures say we are “palming” our mobile devices almost 200 minutes a day. That is a lot of use, and while the laptop is neatly stored in its case, or nestled on the desk, our phones are in our back pocket, taking POV shots of a roller coaster ride, in the lost and found, in the couch or on the counter at Starbucks.
Because of the Wild West nature of mobile devices they present an interesting problem for companies and software developers in the area of security. If you are accessing your business systems with mobile devices, you need to make sure your users and their mobile devices are behaving appropriately. In addition, security vulnerabilities must be considered that are much different than you would find with laptops and PCs.
Ruling the Rogue
How do you make sure your users aren’t downloading software to their mobile phones that can create a security breach for your internal systems? Malware? Virus?
How do you know that they’re not jailbreaking the device and unwittingly opening up dangerous security holes? Enterprise Device Management, formerly Mobile Device Management (MDM) is a software category that allows you to take control of mobile devices that either you or your employees provide.
Previously, these solutions were quite expensive and better suited for a large enterprise; however, there are now cloud offerings that make the cost of an EMM solution quite affordable for small businesses; AirWatch, MobileIron andMaaS360 (IBM) to name a few.
Capabilities That EMM Includes:
- Software distribution: centrally controlled OS updates and application distribution makes sure that your users are easily updated with the latest versions. Remote locking, wiping for employees who have left the company or are out of compliance.
- Support of multiple OS and Devices (Android, IOS): allows you to provide safe access to a multitude of devices and operating systems. Mobile devices have exponentially more configurations than PCs.
- Security of Data: encrypts stored data on the device and data in flight.
- App Management: controls what your users install on their devices, enforces software licensing and allows only those applications you think are safe.
- Network Access: identity management, limited access to non-approved devices, guest access etc.
Related Article: Is Fingerprinting the Next Mobile Security Option?
How ‘bout That App
The security considerations taken when writing or purchasing applications for your users are very important as well. A poorly written order entry or calendar application can leave a wide open door for the black hats to wreak havoc on your business.
Providing user-friendly ways for folks to identify themselves is very important. Clunky and complicated login processes can lead to poor behavior (like writing passwords down or storing them on the phone).
Have you ever tried to enter a 16 character password on a smartphone? While driving? There are some emerging authentication approaches that make logging in a snap. Bio-metrics such as fingerprint, voice and facial recognition can give an almost hands-free experience (some more accurate than others).
To further harden the security of your applications look for simple or even invisible approaches such as:
Pattern-tracing logins (a no typing login): Not only is pattern-tracing user-friendly, but it is usually more secure and easier to remember than passwords.
Geo-location: Passes the phone’s latitude and longitude so that your security system can determine if the phone is in Nigeria or some other rogue country. Find out where transactions physically took place.
Application protection: Bad guys can decompile and reverse engineer applications, giving them visibility into how your systems work—and how to break into them. Products like Mocana can protect your code, detect jailbroken devices and help monitor usage of your application.
Even though you may have a small business that can’t afford a major outlay for sophisticated mobile solutions, you can still equip your employees with the mobility they need to do the job efficiently. Protecting your business from the vulnerabilities mobile computing can expose you to is not as hard as you think.
Your smart devices are under control with EMM and you have provided secure and easy to use applications. Now you’re ready to hit the road, confident that your systems are safe from unthinking users and—the bad guys.