Principles for managing tablet security in the enterprise
By Rob Bamforth, Principal Analyst, Quocirca
Soothsayers have predicted the death of the physical desk in the same way many foretold the rise of the paperless office. It’s an excellent idea in principle, but not without its barriers; mostly centred on people issues rather than technical ones, which often makes them somewhat more difficult to overcome.
But peoples’ attachment to their rolodex, their desk-tidy and the never-ending stack of semi-filed, slightly coffee stained papers appears to be on the wane in some quarters. Modern organisations and their workers are beginning to embrace mobile as the default way of working.
The humble laptop and mobile phone are rapidly being usurped by the smartphone and increasingly by the current generation of touchscreen tablets enabling users to shift a significant part of their use of IT away from the traditional desktop or laptop.
To ensure tablets are secured managed for enterprise use, whether employee owned or provided by the business, introduces a requirement to investigate mobile device management and mobile application management tools such as those from vendors like AirWatch, Exitor, Fiberlink, MobileIron and Zenprise.
These may offer many different ways to address the vulnerability of tablets used for business purposes, whether provided by the business or employee owned, but there are several guiding principles that enterprises can use as a starting point:
- Assume all tablets are vulnerable. The flexible and generally more relaxed employee attitude to mobile working means that organisations should start from the assumption that all mobile devices are comprisable and connected to unsecured networks, whether employees BYOD or not.
- Establish a ranked information security architecture. Despite elevated mobile risks, not all users, locations or applications are equally troublesome and not all information equally sensitive or private. Levels of protection and control should discriminate based on level risk to the business. This is one area where collaboration between the IT and business functions is vital.
- Protect precious data at rest. This is particularly important for data on tablets, which are attractive and can easily be lost or stolen. However, all data held within the organisation should also be treated this way. A stolen executive’s tablet with appropriate credentials could easily access or compromise centrally stored sensitive information.
- Secure tunnels. All access and information on the move should be over a protected and authenticated connection as no matter what networks are in use there is always a risk of being snooped. Some, for example public Wi-Fi hotspots are more vulnerable than others, such as mobile operator provided cellular networks, but all carry risk and it is not safe to expect that users will make an informed or correct decision about which ones to use.
- Constrain and project. Some services are too important to risk any data ever being left on a mobile device. With a suitable network connection, these are best hosted from inside a secured facility, with access projected to the tablet. With no client application, when connection is terminated all residual information disappears.
- Partition work and home. Whether it is their own tablet or enterprise issue, employees will always have some personal use whether it is accessing social networks, checking sports results or storing their CV. Ensuring that such use is accommodated, but kept separate from corporate activity will reduce the risk of ‘crossover’.
- ‘Bait and switch’. There will always be risky consumer applications that employees would like to use – some cloud based storage services being an example, but if the organisation compromises a little, individuals can be won over. Swallow the cost of offering a more employee desirable tablet on condition that the safer corporate alternative apps are used. Then enforce with contract conditions and ideally supplemented with technology to bar such applications.
Management and security are not the only extra costs of the mobile flexibility provided by tablets. As working patterns continue to evolve, the dedicated desk with its associated services per employee are coming to look like an expensive luxury or just plain inflexible.
The impact of mass adoption of tablets in the enterprise could be far more significant than either the desktop or laptop computer.
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » What’s new on Forrester’s Zero Trust security landscape in 2019: From theory to integration
- » Apple notes continued enterprise presence as Salesforce partnership goes up a gear
- » Allison Cerra, CMO, McAfee: On education and mindfulness in removing cybersecurity complexity
- » How three digital banks have been targeted in account takeover scams – and how to avoid it
- » Five proven ways manufacturers can get started with analytics: A guide