Too many times in conversation I hear this idea that mobile devices of today are just as powerful as computers of 2-3 years ago. I fully agree with the premise behind this statement, that mobile devices should be treated like computers, however I would suggest that today’s mobile devices are even MORE powerful than computers. So why then are most enterprises allowing employees to access only Exchange (mail, contacts and calendar) with these powerful, yet penetrable devices?

The answer is as simple as the question – security. The security of access control for the device: knowing who is using it and when they are accessing the network and security of communications: knowing they cannot be intercepted or somehow compromised.

You can be sure that the CEO and Board could care less about this answer, yet would care very much if on the one hand their organization was breached via a mobile device leading millions in losses, or on the other hand someone from the organization could find a way to further securely enable the workforce to the same degree when out of the office than when in.

It is more often than not on the CIO to provide the technology necessary for employees and companies to succeed – but it is inevitably the CISO who is responsible for securely enabling that technology to bi-laterally exchange data with the enterprise network. So to follow the bouncing ball (noting this is drastically simplifying roles and responsibilities)…As a CIO you can keep the board and CEO happy if you work with the CISO to provide technology that can be properly secured to enable workers to do more wherever they are and not get hacked…easy right?

Not so fast. It has been proven time and again that usability is as important as functionality these days. If employees don’t like the way something works or it is too difficult or unwieldy, they will find a way around it – which is a lose-lose for security. Therefore one needs to add user experience and ease of use to any technology requirement for a large organization.

The good news is that we at Cyber adAPT have a solution and have even come up with a new description for the category called Secure Device Management (SDM). With a module for EMM, it can sit underneath and work perfectly with any installed EMM like Airwatch or MobileIron, without integration.

– Are you a company and want to allow BYOD users to be able to securely authenticate and access the network for more than just Exchange, without ruining the user experience?

  • SDM gives you that ability with an on-demand certificate authenticated IPSec VPN and the ability to do split VPN to waylay privacy concerns.

– Are you a utility or organization with devices you own, tasked with giving full access to these devices?

  • SDM not only locks the devices down, provides strong access control and communications, but can also route mobile traffic over other security resources like a content filter or DLP to be able to fully provide that level of security to mobile devices – once again without altering the user experience.

– You want to enable Police cruisers to securely connect to both the station and the FBI / DOJ database?

  • SDM secures the mobile device, making it tamper resistant with an always-on certificate authenticated IPSec tunnel.

Don’t be fooled by EMM or other vendors who say they do VPN and it is simply SSL. Even our sales team is capable of defeating SSL with a man-in-the-middle attack. Cyber adAPT is not here to say you chose the wrong EMM – we are here to say it is time you augment such a solution with an honest security vendor and a holistic approach to using security to further enable your mobile workforce.

For more information or a demo, click here.

Eric Green is the Security Strategist for Cyber adAPT. 

Comments are closed.

Enter your details and we’ll get back to you