Mobile information security
Opportunities to work outside the conventional workplace are becoming more common, so there is a need to supplement traditional security with new methods. The expanding range of work tools also places greater demands on compatibility between different platforms, with the user experience increasingly at the centre. Add to this the increasing incidence of malicious intrusions, hostage-taking and information leakage and the situation can seem bleak if not hopeless. In order to address the situation, it is important to identify the level at which there may be security gaps.
1. Shell protection
The first level is conventional shell protection, which includes not only technical solutions in the form of firewalls and the like, but also physical protection in the form of access control systems, locks and the like. Within the layered protection, the information you want to protect resides on computers and servers, and most organisations have adequate protection in place. However, information today tends to be increasingly located outside the layer in the form of portable devices, cloud solutions or exchanges with partners, which may mean that additional protection is needed.
2. Units
In the category of classic device management, methods such as Group Policies, System Center Configuration Manager (SCCM) and various anti-malware products can be mentioned, but they do not have the accuracy in today's device market. For this reason, Mobile Device Management (MDM) has emerged as a complement or perhaps even a replacement in some cases where the goal is to be able to manage all types of devices based on different operating systems such as iOS, Android, Windows and macOS.
The industry is relatively young, yet mature enough to provide an alternative to the current management of devices, knowing that opportunities are limited.
3. Applications
In cases where it is not possible to manage the devices directly or for some other reason, there are now possibilities to manage the applications themselves, a concept called Mobile Application Management (MAM). The advantage of this approach is that it is possible to restrict the exchange of information between applications and also to set requirements in terms of encryption, PIN codes and so on. However, it is important to point out that, like MDM, MAM has limitations in functionality in that there is a limited range of applications that can be managed.
4. Information
Last but not least, there are also possibilities to protect information directly with features such as restricting and tracking access. This can be done manually by users with a few simple and convenient maneuvers or automatically based on a set of rules. Whatever the design, the information is restricted and secured, further enhancing protection.
Identity
All of the above methods are available individually or together as a whole, but a common thread running through them all is identities. Whichever combination is implemented, identity is perhaps the most important point of all to secure. It is then important to have the ability to fortify, track and even block identities so as not to compromise other security as much as possible.
Microsoft EMS
A solution that covers all of the above security methods apart from parts of the scale protection is Microsoft Enterprise Mobility + Security (EMS) where devices and applications are secured by Intune, information by Azure Information Protection and identities by Azure Active Directory Premium.
Interested in finding out more? Click the button below and fill in your contact details and one of our EMS consultants will contact you to tell you more.
