By David Ting, founder and CTO at Imprivata
As the proliferation of consumer devices continues, IT managers are becoming increasingly concerned by the complexities associated with managing increasing numbers of mobile devices within the enterprise.
Over the years, organisations have looked to provide employees access to corporate information from outside of the office premises in order to increase workforce productivity. However, as the mobile device ‘boom’ continues, IT managers need to weigh up the benefits of mobile access with the risks associated with misuse, as security breaches can be risky from both a financial and reputation perspective.
Providing balance
For IT departments, there needs to be a balance between providing employees with access to data whilst on the move, whilst also ensuring that devices are secure enough to deter misuse. For example, within the healthcare
environment, IT departments are faced with employees requesting to use their personal devices, such as iPads and iPhones, to access patient information from anywhere, anytime. With this ability, clinicians are able to make faster decisions for their patients, improving their overall workflow.
This mobile technology, however, is not without risks, and just as it offers faster access to information it can also open up new ways for the information to be compromised. As this trend looks set to continue to grow in the future, IT managers face a host of security challenges from granting access to unmanaged mobile devices, including how users authenticate against the enterprises web server to gain access, data caching features on mobile devices, communication channel security on public Wi-Fi or mobile networks, and potential breaches from lost or stolen mobile devices.
Protect all layers
IT departments are now looking at protecting all layers of the mobile computing environment, both the endpoint devices and the communication channels that connect the device back to the corporate network.
Some strategies that are effective include: network access controls to ensure outsiders cannot hack into the wireless network; education to help users be smarter about how they use and protect their mobile devices; and improved authentication to control device access.
However, one of the most effective solutions of securing information on mobile devices is through a combined Single Sign-On (SSO) and authentication management solution. These types of solutions can provide fast, convenient secure access to web-based applications for remote and mobile users, whilst adding in an extra layer of security which can be combined with a strong authentication platform such as smartcards, tokens or PhoneFactor, where the user is required to confirm a password by answering an automated call-back to the phone.
True mobility
For true workforce mobility, IT departments must address the problem of securing mobile devices. Without doing so, businesses are vulnerable to data loss and embarrassment in the future.
As business data becomes the most valuable commodity for enterprises going forwards, mobile security is a trend which looks set to continue well into the 21st century.
Imprivata helps organisations secure their networks by offering a single sign-on in an appliance-based authentication and access management solution. http://www.imprivata.com/