
Learn about simple solutions to protect your data and minimize frustration and confusion for end-users.
With the exponential growth of mobile device usage in the workplace, security has become one of the primary concerns for companies that need to find a good balance between flexibility and protection, to ensure a good end-user adoption of mobile technologies at work while keeping their infrastructure safe from potential risks at the same time. Every system, no matter how strong, has a weak spot that will ultimately determine its strength and in this case that is the end-user.
As human beings, we are prone to failures and having to manage multiple usernames, passwords, etc. can become a real pain that leads us to using workarounds like weak, easy-to-guess passwords and/or the same passwords for all accounts. We also sometimes use unapproved third-party applications as a safe to keep all these passwords, but can lose visibility or control as to where that sensitive information is actually stored (device, cloud, etc.), how it is stored (in clear, encrypted, etc.) and who potentially can access it.
Today we all have at least one mobile device with us all day long – mainly our mobile phone – why not use it as the central tool that allows us to make security both easy and strong? Since end-users are the biggest security issue, make their security easier in order to make your infrastructure security stronger.
Easy Authentication
Many solutions offer Single Sign-On (SSO) capacity, so a user can authenticate once and then be authorized to access other company resources without having to re-authenticate, like when using a computer at the office. Most of them rely on certified authentication which provides both a high level of security as well as seamless integration with most IT infrastructures and transparency for the end-user.
Multi-Factor Authentication (MFA) is also a great way to ensure that the user is actually who they say they say they are, by requesting another credential to be provided; that technology has existed for a while, like the typical hardware token used for VPN connections, but is now extended to mobile so any managed mobile device (phone, tablet, watch) can be used to confirm user identity before allowing connections. One could forget their token at home or the office (who hasn’t?) but nowadays nobody goes anywhere without their mobile phone! So let's use that to our advantage.
Data Protection
This obviously goes beyond the typical VPN connection from your laptop back to the corporate network, for example, in-home office or WE on-duty scenarios. With mobility at the center of IT, apps and app containers also need to be secured, with user authentication and end-to-end data encryption to ensure the security of corporate data both at-rest and in-transit. This can be achieved using containerized app solutions provided by the major UEM players in the market, both for public or internal/in-house apps.
Endpoint Security
Another topic to consider is ensuring that a compromised mobile device cannot connect to the company infrastructure, and this can be enforced using a UEM solution with Mobile Threat Defense (MTD) capacity, so not only compliant devices can connect but also compliant applications.
Zero Trust technologies on the other hand are newer to the market. Using AI machine learning allows detection of any uncommon behavior from both the user and/or his devices, (ex: connecting from an IP address in middle east while scheduled to be at home office a few blocks away in central D.C.) and mitigates the risk to the infrastructure by either blocking connections or instead asking the end-user to re-authenticate and ensure their identity.
Effective security does not have to be complex – it can be simple. With solutions such as single sign-on and multi-factor authentication, companies can rest assured that their data is protected and their user base is secure, while these quick and easy tools also minimize frustration and confusion for end-users.
Security is what we all seek, but the question is: Do we have the right tools in place to get the job done?
Scource: vmware.com