Ninety percent of IT managers are planning to implement new mobile applications in 2011, with more than 45 percent convinced successfully managing mobile applications will top their priority list, according to a survey by Kelton Research. The same research revealed one in two respondents believe employee demand is driving the adoption of new mobile applications, and anticipate supporting about eight different mobile platforms or operating systems by year end. These findings emphasise that developing a strategy for managing and securing employees’ personally owned mobile devices is now part of a CIO’s portfolio. Google Android smartphones and tablets, iPhones and iPads are joining BlackBerry, Symbian and Windows Mobile devices in the workplace, and their numbers are only going to increase in the coming months. Regardless of whether corporate policy allows mobile devices to access the corporate network, workers are bringing them into the office.
What companies are realising is that allowing employees to use their smartphones and tablets to access corporate email and other resources results in greater productivity, improvements in creativity and innovation, time savings and collaboration.
Corporate IT departments naturally are cautious about opening up the network and allowing full access to any device. The IT department needs control over how and under what circumstances mobile devices can access corporate systems. Finding just the right balance – maintaining the integrity and security of the network while allowing easy access to the applications users need to be more productive – will give organisations a competitive advantage in the coming years.
Setting the ground rules
IT staff can secure the network for mobile devices without endangering corporate assets. Let’s explore how to protect your environment and provide employees the flexibility to use their personal devices without compromising critical enterprise resources.
A good starting point for IT managers is to definitively identify who is accessing, or trying to access the network. Every user shouldn’t automatically get access to everything on the network – not by a long shot. Take the time to survey your departments and employees to determine what they hope to gain from mobility.
When it comes to security, the bare minimum for securing personally-owned devices is password enforcement and on-device data encryption. Other critical areas include the ability to identify the devices connected to the network at any given time, and the ability to remotely wipe lost devices.
Because most IT departments are spread thin, the best strategy for making all of these adjustments to corporate policies is to keep things as simple as possible. Rather than adding another screen to the bank of displays that IT managers already need to look at for network status and the like, it makes sense to give users a measure of self-sufficiency to comply with company policy.
Time to embrace mobile devices
For IT professionals facing the onslaught of personal devices in the workplace, smartphones and tablets don’t have to be viewed as a violation of corporate security policies. Embracing a 'bring your own' policy can also help accelerate the process of IT transforming itself from "The Cost Centre That Says No" to "The Business Partner That Helps Drive New Revenue."
Since the vast majority of employees are using personal devices at home, harnessing this trend and turning it into an advantage for your company makes sound business sense and will go a long way to keeping employees happy and productive.
Top 10 mobile security features
1. Enforced authentication: Password protection requires a user to enter a password when the device is cycled on, with the device locked down after a predefined number of failed password attempts.
2. Over-the-air data encryption: Data exchange is fully encrypted using Secure Sockets Layer encryption.
3. Remote control capability: Administrators can take control of the mobile device.
4. Remote wipe: Administrators can clear all data and settings on a lost or stolen smartphone or tablet by issuing a simple remote wipe command.
5. Remote data fading: Administrators can automatically wipe out data on a mobile device if it has been reported lost, stolen or inactive for a certain period.
6. Full disk encryption: Data is secured and encrypted, making it next to impossible for anyone without authorisation to read private data on a mobile device.
7. Separation of personal and enterprise information: IT should be able to secure, control and erase corporate data and apps, separating enterprise data from personal data, such as photos, music and gaming applications.
8. User access rights and security policies: IT can secure specific data by shutting down the users’ ability to access certain data with their mobile devices.
9. Over-the-air provisioning: Administrators can set policies, configure user smartphones and provision apps and updates remotely from a central platform.
10. Network filters: Adding a filter to control access to backend systems creates another layer of data protection and helps keep technically savvy users who want to avoid IT safeguards in regulatory compliance. A filter collects data and analyses it so you can evaluate personal mobile devices coming into the network. One option is to monitor who is attempting access and to block access unless a device management client is installed on the device. These intelligent filters provide users with access to systems only if they have permission under IT policies.
The author is managing director of Sybase Australia and New Zealand.
To comment on this article, please email the editor.
Follow CIO on
Sign up to receive CIO newsletters.
Click here to subscribe to CIO.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.