Why your customers need to rethink enterprise security for their devices and applications
In the age of digital transformation there are now three certainties in life – death, taxes and security concerns. The problem for your customers is that in order to stay in front of their competitors, they need to introduce more technology to their enterprise – instantly increasing the risk of falling victim to a cybersecurity incident.
The underlying principle is simple – the more devices you connect to a network, the more potential points of attack you create. Artificial Intelligence, Internet of Things smart sensors, smartphones and tablets are all essential to digital transformation within enterprises – and every single one of them is a potential portal to network hell. Or so your customers think.
If you can guide them through the security concerns and present suitable enterprise mobility solutions that put security front of line, there is no reason that they cannot deploy new mobile technologies safely.
1. GDPR, personal data and mobile devices
No matter which industry your customers operate in, they will have to comply with the upcoming General Data Protection Regulation (GDPR). GDPR applies to all businesses collecting, storing and processing personal data belonging to EU citizens – including those based outside the EU itself. Breach the regulation and your business faces fines of up to €20m or 4% of global turnover.
Carrying personal data outside the corporate firewall dramatically increases the risk of personal data being exposed. Criminals can recover sensitive data from mobile devices in the same way they do from lost USB drives or stolen laptops. But this is no reason to scale back mobile or BYOD strategies. Worryingly, 77% of IT professionals in a recent survey said their organisations do not have a formal cybersecurity incident response plan in place.
Instead, your customers need to be shown how enterprise mobility management can secure data outside the corporate network. Mobile device management functionality allows your customers to apply access passwords on the device and wipe the contents completely if a device is lost. Mobile content management adds another layer of protection too, limiting access to corporate data stores, and encrypting anything stored on the device.
Applying security to both device and data will strengthen defences and help your customers to comply with GDPR obligations – without hindering their mobile strategy.
2. Ransomware, malware and other hacker nasties
High profile malware attacks such as the WannaCry outbreak which took several NHS trusts offline in 2017 have spooked businesses. The prospect of IT systems going offline for hours (or even days) is understandably terrifying. Gartner puts the average cost of network downtime at $5,600 per minute.
As a trusted advisor, you have a responsibility to help your customers secure the devices, data and applications that are being used inside and outside of the corporate network.
EMM provides several ways to minimise the risk of malware outbreaks launched from mobile devices. Device management can be used to limit app installation permissions, preventing malware from being auto-installed. Content management strategies can be used to sandbox data, storing it in a secure container where it cannot be affected by other apps or malware installed on the device.
Application management can be used to reduce the chances of malware being installed on the device – first by ensuring a suitable antivirus app is deployed to the device, and second, by providing an in-house app store containing only software that has been tested and approved by the IT team. This multilayer approach to security allows your customers to move forward confidently with their mobile strategy.
3. Passwords, authentication and impersonation
Many CTOs and IT managers retain a distrust of their users – and with good reason. Negligent employees who refuse to comply with security policies are consistently identified as the biggest threat to the corporate network – and it’s not always intentional. The IDG 2017 U.S. State of Cybersecurity Survey revealed that 28% of “insider” security incidents were attributed to unintentional or accidental reasons.
No matter how fast technology evolves, end users continue to undermine security provisions. Sharing passwords with other users remains a serious problem, effectively giving cybercriminals a head start when trying to breach systems.
You can help your customers prevent these issues getting out of hand by implementing a secondary layer of security like two factor authentication. By configuring the enterprise mobile management platform to demand a second, disposable password it becomes much easier to lock unauthorised users out of corporate systems. A malicious third party will need the mobile device and the owner’s login details to gain access – simply having one or the other will not be enough.
The future doesn’t have to be scary
Your customers are well aware of the risks presented by their mobile strategy and they will need your assistance to overcome those concerns. The good news is that technology can address many of the challenges they face – so long as they have the right EMM platform and advice available.
As you discuss enterprise security with your clients, you should remember:
- GDPR means that data security cannot be relaxed inside or outside the company network.
- Ransomware is a genuine threat, but mobile devices can be configured to combat it effectively.
- End users have bad security habits – EMM can help work around them.
- Enterprise mobile management systems protect information at the device, app and content level for total security.