April - 2013 - issue > View Point
The new Normal of Enterprise Mobile Security
Avinash Birnale
Co-founder & Vice President-Technology-Endeavour
IT organizations have been constantly implementing security and network, data safeguarding practices through a variety of enterprise wide policies and tools. Sadly, this still is not enough. Enterprises have found themselves at the crossroads of strict security policy implementation and best practices that extends to mobile devices. Mobile devices (including smartphones and tablet) are not just another "hole" in your network that pumps/ consumes the data, but they are business critical too. And yet, CIOs have most critical responsibility to protect data by opening it to wider access.
The enterprise mobile security today is a combination of effective implementation of existing policies and robust mobile solutions. The mobile security can start with extending the IT policies to mobile devices or computers and then effectively building it into the solutions. Hence, devising the security implementation by understanding enterprise mobile risks, designing a mobile security policy and selecting a robust mobile security strategy is the new "Normal" of the Enterprise Mobile Security!
Security Approach
Enterprise Mobile security must be built on a robust framework for the solution that is safeguarded by using best of the breed mobile device management (MDM) solutions. While MDM protects the devices and network from unauthorized access and device safeguarding, the well thought out security framework should be complement throughout the layers of access for the mobile applications. The layers of access include – Device, network transit and overall application landscape. Practically Enterprises must build the overall solution and strategy to depend on more than one layer of validations.
If you have already invested on VPN networks, or any form of two or more factor authentication, consider it extending to the mobile solutions. Often mobile applications need one or more connection points into the network. More the number of interfaces, higher are the security risk. Consider using a common middleware enterprise application platform (MEAP) that allows single point of connection to the various mobile solutions and in turn connect with internal enterprise solutions.
Reader's comments(2)
1:Very insightful thoughts. You have touched upon most of the aspects of Mobile application security lifecyle. It helps organizations to focus on mobile security strategy.
2:A wonderfuly articulated piece on enterpise security. Sure, the guardians of information security cannot muffle the tide of mobility in companies, but swim along with the appropriate safeguards. Investing in well devised solutions like mobile device management and security at different levels ex, application security makes sense to safeguard information flow, in present and future
Disclaimer
Messages posted on this Web site under the `Comments' area are solely the opinions of those who have posted them and do not necessarily reflect the opinions of Infoconnect Web Technologies India Pvt Ltd or its site www.siliconindia.com. Gossip, mud slinging and malicious attacks on individuals and organizations are strictly prohibited. Infoconnect Web Technologies India Pvt Ltd can not be held responsible for errors or omissions in content, nor for the authenticity of the user/company name or email addresses associated with posted messages. Infoconnect Web Technologies India Pvt Ltd reserves the right to edit or remove messages containing inappropriate language or any other material that could be construed as libelous, potentially libelous,
or otherwise offensive or inappropriate.Infoconnect Web Technologies India Pvt Ltd do not endorse the products and services or any other offerings mentioned in these messages.
|
|
