Business mobility won’t compromise security
Robyn Milham, the Head of Enterprise Sales for Southern Africa at Research In Motion (RIM), the company behind the BlackBerry solution argues that business mobility can come at the steep price of serious compromises to enterprise security, unless companies put effective strategies in place that address security at the device and network levels according to Robyn Milham. She says that organisations should look at three layers in their enterprise mobile security strategies: securing the mobile device and its data; securing communications to and from the device; and optimising the corporate network to support business mobility.
Says Milham: “Until the advent of mobile devices and wireless networks, network security was reasonably easy to manage. The only way onto the network was through a password-protected desktop computer connected by a physical Ethernet connection.
“Now, however, end-users can access the corporate network from anywhere in the world using mobile devices such as notebooks, tablets and smartphones. This is a potential security nightmare without the right tools and polices in place to manage the mobile workforce,” states Milham.
Milham says that mobile information security starts with the fundamentals of securing the device and its data. The number of cellphones lost and stolen in South Africa each year is staggering, meaning that the device is often the weakest link in a company’s information security network.
“Many of these devices contain sensitive financial or customer data and can be used to access the corporate network. Access to the device should be protected with passwords or even biometrics. Sensitive data stored on the phone should be encrypted so that it is useless to an unauthorised user,” says Milham.
“Information may also be vulnerable when it is in transit from the smartphone to another user,” says Milham. “Many mobile users send data from unsecured public networks and access strategic business applications on the road using devices that lack security software. Companies should therefore seek out solutions that offer end-to-end security for data in transit, including advanced encryption.”
One of the major challenges lies in consumerisation of technology since most end-users will carry one device for both their business and personal needs. RIM is addressing this challenge with BlackBerry Balance – new technology that makes possible the convenience of using a single BlackBerry smartphone for both work and personal purposes without compromising the security of company content and the privacy of personal content.
RIM is introducing this technology in response to the growing trend by businesses to allow employees to use personal BlackBerry smartphones for work, or company-owned smartphones for personal, and the need by businesses to secure, manage and control confidential company or client information on these devices.
The third piece of the puzzle lies in putting in place network architecture designed to support mobility.
“With the rapid growth in mobile computing, companies must extend their definition of the network perimeter to include mobile devices and their wireless connections to the network,” says Milham.
Mobile devices are often used outside the firewall from unknown IP addresses, which makes it more difficult for the corporate network to determine whether a device seeking access to the corporate network should be trusted or not.
For that reason, many companies prefer to push information to the mobile device rather than allowing users to pull it. This model is more secure since the destination is known and there is less likelihood of the data being intercepted.
Milham says that a mobile platform that allows central configuration, management and enforcement of security policies is essential for any company that plans to mobilise its business processes. The BlackBerry Enterprise Server platform, for example, gives companies the ability to set and control more than 500 IT policies from a central platform.
The policies in BlackBerry Enterprise Server are not designed as a “one-fits-all solution” – they can be configured around the needs of different end-user profiles in any company.
IT managers can set policies for everything from passwords to which third-party applications end-users may install and use on their smartphones, giving them complete control over their data and networks.
Concludes Milham: “There needn’t be a security price to business mobility, so long as you look for a solution that offers a flexible approach to security that offers an intuitive user experience, paired with central control for the IT department. The investment and effort required to build a secure mobile environment are minimal, provided you choose the right platform for your needs.”