IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Your invite - BYOD event tickets at no cost
Tue, 17th Apr 2012
FYI, this story is more than a year old

Smartphones and tablets are becoming pervasive in all sectors of industry and government. Last year we saw the shipment figures for these devices increase significantly, indicating a major uplift in adoption rates for mobile devices as a business tool. In many organisations, iPads have already been adopted at senior management level, requiring IT teams to integrate the devices into corporate systems. As traditional phones are replaced by smartphones there is a drive to allow all staff to have access to corporate email and in some cases extend access to corporate applications.

Based on the feedback we received last year, very few organisations are treating these devices as they do laptops, but in effect that is what they are – extremely functional portable devices suitable for business use.

In most cases, no management solution has been implemented to track and control the devices and the typical corporate security considerations such as authentication, data protection and threat protection have been overlooked.

Furthermore, some New Zealand organisations have commenced an exercise to investigate the cost savings of a Bring Your Own Device (BYOD) program. Introducing a BYOD program requires even further consideration, from an internal policy and technological enforcement perspective, before being carried out.

Some organisations will undoubtedly move in this direction. The current generation of under-25-year-olds have greater computing power in their pocket than is provided on their desks at their places of work, so it makes absolute sense to harness the power and use it.

Security after the fact can only result in corporate damage, so we believe that developing the framework first and then opening the access is essential if you are to harness the potential and control corporate risk.

Establishing the security framework foundation for mobile devices requires the enterprise to make some key decisions on controlling functionality without impacting productivity. Usually this results in email access being readily adopted first; then, in some cases, application access follows on to improve business workflow. Where a decision is made to provide only email access some organisations decide security is less important; however, the fundamental consideration with smartphone or tablet devices is that email is constantly available. Lose your smartphone or tablet and whoever picks it up has full access to corporate email and that means corporate data.

So, the key to establishing a security framework for mobile device adoption (smartphone or tablet) should be to apply the same, or better, security policies as you already apply to secured laptops. Access to email should be controlled by strong authentication. Data that resides on the device or is available on boot is encrypted. Adherence to documented frameworks and policies for mobile device security is best achieved through a Mobile Device Management platform; this will also assist applying consistent policy across all accepted devices.

MPA has developed a comprehensive solution set that addresses these challenges across all common platforms.

The 6 key areas addressed by the Mobile Solution Set are:

1. Managing mobile devices in the field.

2. Protecting devices from threats such as malware.

3. User and device authentication.

4. Certificate management.

5. Device billing control.

6. Sharing of company data between users and their devices.

Through partnerships with the world’s leading vendors in the mobile management sector – McAfee, SafeNet, Accellion, Anomalous Networks and Entrust – we can help organisations deploy and manage their smartphone and tablet fleet securely.

We’ll be discussing this topic further at the MPA Security Forums in May – click here see details on the event, including topics and speakers.

To obtain a copy of the whitepaper, ‘Secure Mobility’, outlining how to ensure your mobile devices are secure, contact Mark Micklefield at mark.micklefield@mpa.co.nz.