Between high-speed internet, cellular phone and data, and easily portable equipment in the form of laptops or tablets, worker productivity is higher than it has ever been. But with this productivity comes a price: Knowledge workers are demanding greater freedom in how they work and greater flexibility in where they work, twin issues that can create a multitude of security problems for overworked IT departments.
Devices and apps proliferate
Whether it is a laptop loaded with the latest and greatest apps, a tablet with a hefty song library and video-editing app, or a mobile phone with an array of boredom-battling games and fast internet access, employees are using more equipment and apps than ever before. And they are using them in more places: snug in the belly of a red eye flying from Manila to Singapore, sprawled in a chair as they sip a perfect espresso in a cozy café in Venice, perched in a ski lift as they ride to the top of the perfect peak.
And not only are equipment and locations proliferating, but the ease of access to third-party applications and tools provided by app stores on common operating systems such as Windows, iOS and Android is exploding too. It’s an explosion employees are taking advantage of as they grab whatever they want, whenever they want it, from file-sharing and note-taking apps to group collaboration apps and email clients.
All of which is the stuff of nightmares for IT departments as they scramble to make this mess of hardware and software secure.
Security breaches grow
There are two common approaches to coping with this trend. First, many an enterprise all but throws up its proverbial hands at the Herculean task of managing the scope, allowing employees to pick whatever hardware they want and load it with whatever apps they desire. The second tactic? The organization tries to lock it all down. In either case, there is risk — of data loss or worse, and of a loss of productivity and collaboration.
Everyone wins: Asserting control
So what are IT departments to do? Clearly, they need to take back control. But, also clearly, they need to do it without limiting the freedom of employees. Better still, they need to do it in such a way that employees never — or hardly ever — notice. These objectives can be met in five steps:
Step 1: Strategy
First, the enterprise must establish a secure mobility strategy. This means undertaking a device and mobile security assessment, determining ideal incident response, and establishing a framework for conducting forensic investigations.
Step 2: Access
Second, it is important to establish data access rights, be they with employees or partners. What do employees get access to? Does that access change if they are using an unknown device? Is access dependent on where the employees are located?
Step 3: Data
The third step is securing data, wherever it travels and resides. The enterprise must determine how it will protect data on phones, tablets, laptops, even across multiple operating systems, transparently. This requires creating a set of policies across the enterprise that will protect data, enable the secure wiping of mobile devices, and ensure regulatory compliance.
Step 4: The endpoint
The fourth step is securing the endpoint itself. This involves establishing containerization to secure devices and data while provisioning access to devices. This also includes automating device discovery and inventory and creating separate work environments to segregate personal and company information on employee-owned devices.
Step 5: The network
The final step involves securing the network as a whole. Not only must you ensure that employees are getting the right data from the right devices or apps to enable them to be productive, but the network must also be resilient against malware and must scale to support the additional load.
You don’t have to compromise security to enable mobility
A complete plan is achievable, and on display at Dell World 2014. Meet subject matter experts from Dell who will share their insights. View demonstrations and learn more about cutting-edge software and services such as Dell Enterprise Mobility Management, Dell One Identity Solutions, Dell SonicWALL and Dell SecureWorks Security Services. I hope to see you there — carrying your devices and working away!
Check out our full lineup of security sessions at Dell World.
Learn how to create a culture of security in your organization.
Visit dell.com/Security to view the complete range of the Dell’s security solutions.
Scott Lang is Security Solution Marketing Director at Dell.