Do you ever pause to think about how much personal information you store on your phone? Okay, maybe you’re not so bad personally, but it’s not uncommon for people to house potentially sensitive stuff in categories such as:
- Identifiable info. Names, birth dates, social security numbers
- Financial info. Account numbers, credit card numbers, login credentials
- Documentation info. Word docs, PDFs, spreadsheet files
- Geographical info. Directions to work, home, friends, and family residences
Sure. You’ve got your little PIN code to prevent unauthorized access to your phone, but the increase in sophisticated mobile security threats makes the thought of hording confidential data in this environment an unsettling one. Though being a victim hurts no matter who you are, it’s fair to argue that businesses are even bigger targets at greater risk. Due to all they stand to lose, these organizations are advised to adopt security solutions that provide levels of protection far beyond what’s possible with native mobile security features.
BYOD policies add yet another layer of complexity to the mix, so more companies are turning to IT managed service providers to solidify their security prowess. Outsourcing especially makes a lot of sense for small and medium-sized businesses that lack the resources needed to ensure adequate protection in-house. In an ideal scenario, an MSP can provide these smaller firms with a security infrastructure comparable to what larger, more financially endowed companies operate. At the same time, those service providers must have their very own stars aligned.
1. Secure Corporate Access
A sturdy virtual private network is a basic necessity for any MSP who wants to profit from adding mobile device security to their offerings. Though simple in nature, a good VPN will provide secure access to corporate resources from all company devices. Equipped with various network security protocols, this technology enables users to connect with remote sites, networks, data centers, and other access points from a web-based interface. A managed VPN will deliver the added benefit of sparing the client of all the tedious maintenance elements.
2. Stored Data Protection
There are primarily two ways an MSP can go about protecting data stored on a mobile device. The first involves using encryption so unauthorized parties can’t read the data on a device they’re able to get their hands on either physically or remotely. Then there is the increasingly desirable ability to remotely wipe a device clean of its data. Remote wipe is a controversial topic and preferably a worst-case scenario type of deal. However, this self-destruct button can prove valuable by instantly erasing a lost or stolen phone. Syncing the feature with existing devices looks to be the biggest challenge on the vendor front.
3. App Configuration Enforcement
Apps are great – when they’re working properly. When they’re not, they can be the root of numerous issues. A few configuration problems can open up holes that put an entire network at risk. According to Gartner, up to 75 percent of mobile security breaches will come as the result of app misconfigurations by 2017. MSPs can help reduce these breaches by enforcing proper app configuration through their MDM services. Gartner suggests including anti-rooting policies, restricting unapproved app stores, and only using signed, genuine apps when accessing corporate resources in enforcement policies.
4. Malware Protection
Malware writers have had plenty to keep them busy as they hack away at programs capable of compromising today’s fleet of mobile devices. You’ll find a number of free and inexpensive anti-virus titles in app stores like iTunes and Google Play, but enterprise devices deserve enterprise-grade protection. MSPs can step their game up accordingly by adopting malware detection, removal, and other features from leading security vendors. Kaspersky, for example, has malware blasting security solutions MSPs can incorporate right into their mobile device management platforms.
5. Centralized Messaging Management
Mobile devices are essentially messaging machines that commonly process emails, instant messages, texts, and all their associated data. Security protocols for these mediums vary quite a bit depending on the device, and that diversity presents unique challenges to IT security personnel responsible for BYOD programs. The answer lies in neutral solutions that provide centralized management and security for these communications. Vendors are striving to make compatibility a non-issue with independent tools that deliver secure access to email, IM, and contact data from different platforms.
There are numerous security measures a managed service provider can take to protect mobile data for their clients. On that note, those clients need to realize the important role they play in securing their own mobile infrastructure. While an MSP can provide a remote wipe functionality, the company is responsible for taking the measures necessary to ensure that personal and mission-critical data can be recovered in the event that the button needs to be pushed. Sound use of native device features, a reliable vendor, and strategic BDR planning are needed to form an all-around mobile security solution.
Photo Credit: Dev.Arka via Flickr