Mobile Security Is Still Important
While the UC vendor community still emphasizes the importance of mobility, one topic that doesn't get nearly enough attention is mobile security. Fortunately, there have been a number of developments that had improved the overall ability to secure sensitive information on or accessible through mobile devices, but organizations still must take steps to put them in place. And unfortunately, many organizations still seem to feel that "denial" is an adequate approach to security.
Probably the single biggest boost for mobile security has been the move to the cloud. If we can store the data in the cloud rather than on the device, we can alleviate much of the concern regarding exposures created by lost or stolen devices. However, if the device is not password protected and there is no password required to sign onto the app to access that data, a stolen device is still a potential data leak. Many of the B2C apps, particularly those from the financial services community, have now moved beyond passwords to biometrics like Apple's TouchID for authentication. With Windows 10, Microsoft will be offering a whole range of biometric options through its Hello function.
If the data is going to reside on the device, on-device encryption should be a required element. However, without a hardware device to do the encryption (i.e. a "crypto chip") the device performance will slow to a crawl. Crypto chips are standard on all current iPhones, Samsungs, Microsoft Luminas and the BlackBerry Priv, but you won't find them on many lower end Android devices. So it's probably a good idea to maintain the list of "acceptable" BYOD smartphones.
One of the biggest developments for on device encryption in Mobile Device Management-Enterprise Mobility Management (MDM/EMM) systems has been the idea of a secure container. This is a separate, encrypted region on the phone where enterprise data and apps can be stored; the user has to sign-on to the container to access those apps. The original concept was to have an IT area on the device that could be wiped remotely if it were lost or stolen. The secure container would also allow corporate date to be wiped if the employee left the company and would still leave the personal data untouched.
Now the secure container has become a key element in data loss prevention (DLP). The container keeps track of what data it controls and IT can enforce policies as to how that data can be handled. Printing or copy & paste can be restricted, and we can also prohibit forwarding data to personal email or personal cloud storage.
In Windows 10 Mobile, Microsoft will be adding a new capability that makes these functions more user friendly. With the Enterprise Data Protection (EDP) capability, IT will be able to identify apps as corporate (i.e. "trusted") versus personal. Any data downloaded to a trusted app is automatically encrypted and DLP policies can be defined. If the user attempts to violate the policy, the action can be prohibited or the user can be given a warning that they are about to violate the policy. If they choose to proceed, an auditable trail is created.
EDP also supports "enlightened" apps that can be used for both business and personal. So, for example, Outlook could have both business and personal email accounts, but EDP would keep track of what messages were downloaded from the corporate email versus your personal Gmail or Yahoo account, EDP would enforce the same DLP policies on the business emails and their attachments.
While a significant percentage of organizations, particularly those in financial services and other regulated industries, have implemented MDM/EMM systems, many still look to manage mobile devices with the rudimentary capabilities built into Microsoft's Exchange Active Sync (EAS). EAS will allow you to enforce rudimentary policies like passwords, encryption and minimum password strength. However, the remote wipe function wipes the entire device and not just the corporate data (i.e. "There go the baby pictures"). That can be a major issue with employee-owned devices and is flat out illegal in some countries.
Threat resistance from malware has also improved across the board. Apple's iPhone and Windows 8.1 and Windows 10 devices limit data sharing between apps and can protect against apps escalating their privileges. Android has added some of those same capabilities with Android for Work, but the isolation mechanisms are different so you should look at those closely.
Most have also taken significant steps to protect against malware by implementing secure boot capabilities that test the firmware against credentials built into the hardware and tie that to the O/S load to create a secure chain of trust. The MDM/EMM systems also include jailbreak (iOS) and rooting (Android) detection to prevent devices whose inherent security mechanisms have been compromised from getting on the network.
While the mobile security tools are improving, it is still up to organizations to develop a mobile security plan and policy to ensure that the adequate protections are in place. That starts with a comprehensive, written mobile policy that is read and accepted by all users regardless of whether they are using company provided or personal (i.e. BYOD) devices; in some cases those policies are the same and in others they are markedly different.
We are seeing increasing emphasis on mobility in UC, but from a mobile security perspective, most of those initiatives are embarrassingly amateurish. It's great that a user can have an app that provides mobile access to the UC platform, but most of the discussion seems to be out of step with the mobile security measures we are taking with other mobile apps. In short, if the mobile security "bomb" goes off, you don't want to be the party that lit the fuse.
Tags
Start YourCustomized Search
SOLUTION AREA
SOLUTION PROVIDERS
- 8x8 (40) Apply 8x8 filter
- Alcatel-Lucent Enterprise (50) Apply Alcatel-Lucent Enterprise filter
- AT&T (44) Apply AT&T filter
- AudioCodes (48) Apply AudioCodes filter
- Avaya (396) Apply Avaya filter
- Cisco (573) Apply Cisco filter
- Dell (11) Apply Dell filter
- Five9 (53) Apply Five9 filter
- Fuze (39) Apply Fuze filter
- Genesys (100) Apply Genesys filter
- HP (98) Apply HP filter
- IBM (171) Apply IBM filter
- Jabra (9) Apply Jabra filter
- Logitech (56) Apply Logitech filter
- Lumen (3) Apply Lumen filter
- Masergy (50) Apply Masergy filter
- Microsoft (766) Apply Microsoft filter
- Mitel (232) Apply Mitel filter
- NEC (128) Apply NEC filter
- Nectar (58) Apply Nectar filter
- Polycom (95) Apply Polycom filter
- Ramp (37) Apply Ramp filter
- RingCentral (126) Apply RingCentral filter
- Sennheiser (18) Apply Sennheiser filter
- Slack (13) Apply Slack filter
- Tata Communications (59) Apply Tata Communications filter
- Unify (186) Apply Unify filter
- Vonage Business (80) Apply Vonage Business filter
- Yealink (8) Apply Yealink filter
- Zoom (20) Apply Zoom filter
- Acme Packet (24) Apply Acme Packet filter
- Allworx (2) Apply Allworx filter
- Arkadin (22) Apply Arkadin filter
- Aspect (34) Apply Aspect filter
- BT (25) Apply BT filter
- CaféX (8) Apply CaféX filter
- CallTower (14) Apply CallTower filter
- Clarity Connect (10) Apply Clarity Connect filter
- Continuant (1) Apply Continuant filter
- Damaka (4) Apply Damaka filter
- Dialogic (5) Apply Dialogic filter
- Dimension Data (44) Apply Dimension Data filter
- Empirix (11) Apply Empirix filter
- Enghouse Interactive (17) Apply Enghouse Interactive filter
- Inference Solutions (9) Apply Inference Solutions filter
- IntelePeer (27) Apply IntelePeer filter
- IR (11) Apply IR filter
- Jive (21) Apply Jive filter
- Kurmi Software (21) Apply Kurmi Software filter
- Lifesize (33) Apply Lifesize filter
- Lightware (3) Apply Lightware filter
- Mavenir (6) Apply Mavenir filter
- Modality Systems (8) Apply Modality Systems filter
- Momentum (36) Apply Momentum filter
- Netfortris (5) Apply Netfortris filter
- NetSapiens (6) Apply NetSapiens filter
- NewVoiceMedia (31) Apply NewVoiceMedia filter
- Nureva (26) Apply Nureva filter
- NUWAVE (5) Apply NUWAVE filter
- Orange (32) Apply Orange filter
- OVCC (8) Apply OVCC filter
- Panasonic (18) Apply Panasonic filter
- PanTerra Networks (9) Apply PanTerra Networks filter
- ScanSource (21) Apply ScanSource filter
- SIPPIO (3) Apply SIPPIO filter
- Snom (20) Apply Snom filter
- Star2Star (8) Apply Star2Star filter
- StarLeaf (12) Apply StarLeaf filter
- Tadiran Telecom (2) Apply Tadiran Telecom filter
- TekVizion (9) Apply TekVizion filter
- Unimax (7) Apply Unimax filter
- Verint (40) Apply Verint filter
- Voice4Net (2) Apply Voice4Net filter
- VOSS (85) Apply VOSS filter
- Voxbone (14) Apply Voxbone filter
- West (28) Apply West filter
- XO Communications (3) Apply XO Communications filter
- Yorktel (17) Apply Yorktel filter
- Zultys (2) Apply Zultys filter
- 3CX (8) Apply 3CX filter
- ADDASOUND (1) Apply ADDASOUND filter
- Aerohive (1) Apply Aerohive filter
- Aryaka (1) Apply Aryaka filter
- Asurion (22) Apply Asurion filter
- Avnet (7) Apply Avnet filter
- Bandwidth (5) Apply Bandwidth filter
- Calabrio (5) Apply Calabrio filter
- Consilium Software (13) Apply Consilium Software filter
- Drum (5) Apply Drum filter
- ESI (6) Apply ESI filter
- Esna (16) Apply Esna filter
- Exinda (2) Apply Exinda filter
- EZuce (3) Apply EZuce filter
- GUnify (6) Apply GUnify filter
- Highfive (4) Apply Highfive filter
- Huawei (47) Apply Huawei filter
- Imagicle (3) Apply Imagicle filter
- IPCortex (1) Apply IPCortex filter
- KnoahSoft (1) Apply KnoahSoft filter
- KOVA (1) Apply KOVA filter
- Logmein (9) Apply Logmein filter
- Metropolis Technologies (4) Apply Metropolis Technologies filter
- Mutare (2) Apply Mutare filter
- NextPlane (27) Apply NextPlane filter
- Ooma (16) Apply Ooma filter
- Patton (11) Apply Patton filter
- Radish Systems (1) Apply Radish Systems filter
- Radisys (3) Apply Radisys filter
- Shango (1) Apply Shango filter
- SMART (163) Apply SMART filter
- Stack8 (1) Apply Stack8 filter
- Swyx (1) Apply Swyx filter
- TrueConf (4) Apply TrueConf filter
- UJET (13) Apply UJET filter
- Voximplant (3) Apply Voximplant filter
CONTENT TYPE
- BC Expert Insights Market (42) Apply BC Expert Insights Market filter
- BC Expert Insights Objective - Vendor Neutral (42) Apply BC Expert Insights Objective - Vendor Neutral filter
- BC Expert Insights Planning (15) Apply BC Expert Insights Planning filter
- BC Expert Insights Solution (12) Apply BC Expert Insights Solution filter
- BC Expert Insights Vendor (80) Apply BC Expert Insights Vendor filter
- BC Expert Insights Vendor Solution (145) Apply BC Expert Insights Vendor Solution filter
- BC Expert Roundtable (133) Apply BC Expert Roundtable filter
- Bcs Webinar (0)
- Bcs Webinar Registration (0)
- Best Practice (38) Apply Best Practice filter
- Buyer Guide (14) Apply Buyer Guide filter
- Case Study (29) Apply Case Study filter
- Executive Interview (145) Apply Executive Interview filter
- Expert Roundtable (450) Apply Expert Roundtable filter
- Guest Contributions (34) Apply Guest Contributions filter
- Multimedia (38) Apply Multimedia filter
- News Analysis (2081) Apply News Analysis filter
- Newsfeed Article (1303) Apply Newsfeed Article filter
- Newsfeed Article (1) Apply Newsfeed Article filter
- Thought Leadership (21) Apply Thought Leadership filter
- Vendor Collateral (211) Apply Vendor Collateral filter
- Vendor Resource Best Practices (24) Apply Vendor Resource Best Practices filter
- Vendor Resource Buyers Guides (2) Apply Vendor Resource Buyers Guides filter
- Vendor Resource Multimedia Content (4) Apply Vendor Resource Multimedia Content filter
- Vendor Resource White Paper (4) Apply Vendor Resource White Paper filter
- Webinar (13) Apply Webinar filter
- Webinars (7) Apply Webinars filter
- White Paper (64) Apply White Paper filter
MORE FILTERS
INDUSTRY
- Banking And Investment (800) Apply Banking And Investment filter
- Education (446) Apply Education filter
- Energy And Utilities (487) Apply Energy And Utilities filter
- Finance (12) Apply Finance filter
- Government (675) Apply Government filter
- Healthcare (482) Apply Healthcare filter
- Hospitality (180) Apply Hospitality filter
- Insurance (100) Apply Insurance filter
- Manufacturing (704) Apply Manufacturing filter
- Media/Publishing (422) Apply Media/Publishing filter
- None (43) Apply None filter
- Professional Services (745) Apply Professional Services filter
- Retail & Distribution (798) Apply Retail & Distribution filter
- Technology (1611) Apply Technology filter
- Transportation (110) Apply Transportation filter
Comments
There are currently no comments on this article.
You must be a registered user to make comments