Mobile security for businesses is an increasingly important topic, as security threats are on the rise and devices are still routinely being lost or stolen. However, there are precautions your business can take to minimize risks while still providing the right mobile capabilities to its on-the-go workforce.
Assess Your Requirements and the Risks You Face
When considering the role of mobility in their enterprise, organizations need to first understand what role mobile devices will serve in their business, what business apps they wish to deliver to their employees, and what data is stored or made available on the devices.
Organizations have different security requirements based on their business needs and the industry they are in. An organization that merely wishes to give employees access to email or to update addresses for a delivery service will have vastly different security requirements than a business that’s engaged in trading securities or needs to perform wire transfers. In some highly regulated environments, there are special considerations to take into account. For example, in the financial services sector, transactions between broker-dealers and customers must be logged, audited and monitored. And in healthcare, hospitals need to control access to data in a secure fashion, limiting access to only authorized individuals, protecting it from unauthorized access through encryption, and then ensuring that sensitive data gets removed when no longer required.
When assessing mobile security for businesses, organizations need to carefully consider the risks and regulatory requirements associated with their particular environment. In order to assess the risks involved, they must understand what data they could be exposing in addition to the applications and services to be made available. In higher risk environments, organizations should have greater control over the security posture of mobile devices.
The Tide Is Turning Back to Corporate-Liable Devices
At one point, it seemed that the bring your own device (BYOD) movement was an unstoppable force, but the tide is beginning to turn, even among employees. According to research from the Ponemon Institute, 68 percent of respondents preferred not to use their personal devices for work purposes, citing the preference for complete control over their own devices, without their company modifying them in any way. This mentality is echoed by research from Forrester in the government sector, which showed that 66 percent of employees were concerned about BYOD, and 70 percent of government employers had little or no interest in allowing BYOD.
As a result, many organizations are increasingly eschewing the use of personally owned devices in favor of corporate-liable device deployments, especially in highly regulated and high-risk environments where the challenges of maintaining the integrity of corporate data are high.
Use the Available Security Tools
Samsung’s current flagship mobile devices are designed and built to very high standards of security. Virtually all of these devices have Samsung KNOX built in, which provides defense-grade security starting with the hardware extending through the OS and on to the software running on the device. It provides tight control over what applications and services can run on its devices and provides measures to prevent tampering and mitigate malware. Capabilities include KNOX Workspace, and application-specific controls which are provided to allow the ability to separate business data from personal data in a highly secure manner. For higher-risk environments, organizations can leverage the policy options provided in Knox Workspace to control what data and applications are present. Leveraging the APIs built into the KNOX framework, enterprises can implement the appropriate controls to meet any security need.
In organizations that do allow BYOD, or are worried about the impact that a rogue device could have, management tools exist that require all users to be granted access rights in order to connect to sensitive data, or even to the network at all. If access is managed through a mobile device management (MDM) system and network access controls, organizations can then assess who is attempting to access the device and to connect to their environment, then allow or deny access accordingly. In most cases, access must be granted and devices and users authenticated on the device and at the mobile gateway to determine who is allowed on the network and what access they have to internal resources. The use of MDM systems also allows an organization to manage the security of the device including the ability to find a device as well as to wipe a device if it’s lost or compromised.
Although mobile security for businesses may be something that many are wary of, the security built into Samsung KNOX devices provides the capability to manage risk at the appropriate levels enabling innovation and transformation of the business through mobile technologies. If you assess your environment, determine your risk appetite, consider regulatory requirements, and then determine the right tools to deploy, you can ensure optimal mobile security for your organization that meets your risk requirements.
Find out here why Samsung KNOX received the most “Strong” ratings out of any mobile platform in a Gartner mobile security report.