In a complex world of mobile security, having the right mix of security features can make all the difference. That’s why you need is a multi-layered security plan to protect your mobile workforce and your corporate data. These plans are a best practice because they account for multiple attack vectors: device, human and infrastructure.
Standardizing Mobile Device Security Features
When you have a fleet of corporate-owned mobile devices or you have opted to offer your employees a choose your own device (CYOD) option, you’re at an advantage when defining security features for your mobile devices. Here are some of the top features you need to protect your corporate devices:
- A lock screen with a secure passcode to physically lock down the device
- Remote data wipe, so if one of your mobile devices is lost or stolen, your IT department can wipe it remotely to protect your corporate data
- Corporate-approved apps curated from an enterprise app store
- Secure containers like Samsung Knox Workspace to provide a secure workspace for your employees to access back-end corporate systems like your customer relationship management (CRM), analytics, collaboration and sales enablement tools
Plan a Successful CYOD Program
White Paper
Download our comprehensive 8-step guide to planning and deploying a CYOD initiative at your company. Download Now
- Google Play Protect should be set by policy across your devices, so all app scanning becomes standard operating procedure
- Encryption should be set on all your corporate devices to protect your corporate data if the device is lost or stolen
In addition to software-based security features and programs, your corporate policy should also pay attention to potential hardware-based measures. This includes components that can prevent rooting or jailbreaking on a device, or compatibility with biometric authentication such as iris or fingerprint scanning.
Securely Rolling Out Mobile Devices
Here are three security considerations to take into account when rolling out devices to your end users:
1. Use Remote Configuration Tools
Knox Configure, a cloud-based solution for remote configuration, will give you the granular control over device configuration for your mobile workers. You should roll out your devices with a tool that can support connectivity settings such as Wi-Fi, Bluetooth, NFC, USB and SIM lock.
A benefit of using a configuration tool for multiple devices is that it allows IT managers to send out dynamic updates via service pushes. It also enables device feature restrictions, limiting avenues that employees can convey information — whether it’s screen capture, SMS/MSM, Wi-Fi or camera.
With your MDM, you’ll also be able to control app whitelisting/blacklisting, shared device and enterprise billing.
2. Institute an Employee Mobile Security Education Program
An important, but sometimes forgotten, element of multi-layered security for your mobile workforce is user education. Even with the latest security software, you still need to educate your employees about the security threats they’ll face, including downloading unvetted apps and managing unexpected file attachments.
Such user education enables you to develop a direct dialogue with your employees to trade best practices. It also gives your IT team better insights into how your employees conduct business on the devices you deploy.
Mobile security education shouldn’t stop at educating users about their new devices either. You should also look for ways to conduct follow-up security education and outreach for your users.
3. Develop and Deploy an Anti-Malware Strategy for Your Mobile Workforce
Malware remains an increasing threat to mobile devices and a challenge to even the most hardened multi-layered security plan. It’s not enough to install anti-malware software on your mobile devices. You need to also develop and release an anti-malware strategy with participation from your security staff, IT department, business users and other stakeholders. Your anti-malware strategy should include:
- Mobile threat intelligence tools working in conjunction with your EMM platform.
- Anti-malware software that’s part of your standard corporate device build and your bring your own device (BYOD) policy.
- Corporate-sanctioned cloud services for file-sharing and collaboration.
- Mobile security policies as part of an overall security framework.
Multi-Layered Security and Your Enterprise
Because your employees face constantly changing threat vectors, you need a multi-layered security approach including device-level security, EMM and user education. Furthermore, you need to be able to go back and revisit your security strategy to keep pace with changing technologies and threats.
Learn more about how Samsung Knox can fit into your multi-layered security plan, or download our free white paper on planning a CYOD policy from start to finish.
