Companies are realising that they need to have some kind of strategy to manage and control the vast array of mobile devices at play across their ranks, but mobile device management, being largely unchartered territory, is still being grossly neglected.
‚Perhaps it’s a case of ‚ignorance is bliss’, or maybe it’s a case of paralysis by analysis. More likely, it is simply a case of companies not knowing where to start. Either way, most South African companies are seriously lagging behind when it comes to managing the threats associated with the use of mobile devices in the enterprise,‚ says Dries Morris, Operations Director at Securicom, specialist provider of managed IT security services.
Mobile penetration in South Africa is exploding, with a study by local research company World Wide Worx suggesting that penetration, defined by active SIM cards, is already at 112%. It’s also been predicted that smartphone penetration in South Africa could reach 80% by 2014.
For companies, the explosion and wide-use of smart mobile devices poses a big threat because as long as there is no strategy for managing device security and content, any business information stored on those mobile devices is at risk of being lost, stolen, or seen by someone who shouldn’t see it. Furthermore, while employees embrace mobile devices to work uninterruptedly on the move, they’re using those very same devices for internet browsing, social networking and downloading apps and information. This opens them up to mobile malware which is also becoming increasingly prevalent.
Clearly, the need to manage and protect mobile devices is a pressing one. But, with the number and variety of mobile devices rapidly flourishing, and as more employees start using their private devices for work purposes, uninitiated IT managers can be forgiven for growing increasingly overwhelmed about how to tackle the issue.
‚Mobile device management is one of the biggest security challenges companies are facing at the moment and there is a lot to consider,‚ says Morris.
Some of the considerations include:
¬∑ The user matrix ‚ which employees are using mobile devices for work purposes?
¬∑ The device matrix ‚ what devices are they using? What devices, if any, should be disallowed?
¬∑ Device deployment ‚ how are mobile devices deployed to users? Are they owned by the company or their employees own devices?
¬∑ Connectivity – how will employees connect to the network and how can this be secured?
¬∑ Device security ‚ how will content be secured and how can regular updates be enforced?
¬∑ Device decommissioning ‚ processes for deactivating or decommissioning devices should they be lost or stolen, or should the employee leave the company?
¬∑ Access control – how to check the validity of users and control the level of access employees have to business information from mobile devices?
¬∑ Application control ‚ what sort of applications can be downloaded onto mobile devices that are used for work purposes and to store business information?
¬∑ Monitoring – how to gain visibility of usage behaviour and the security status of mobile devices?
¬∑ Data loss prevention ‚ what type of information can be downloaded and stored on mobile devices?
As most companies don’t have the skills, resources or technology to address the challenges associated with mobility, Morris says companies shouldn’t do it themselves.
‚This is an issue that isn’t going to go away. Instead of ignoring it or taking a haphazard approach, talk to experts about tackling mobile device management strategically and do it from the cloud.
‚A cloud-based mobile device management solution is undoubtedly the easiest and most effective way to gain visibility and control of a variety of mobile devices while managing costs and enjoying access to qualified support,‚ concludes Morris.
* Follow Gadget on Twitter on @gadgetza