SCCyberworld

Thursday, July 25, 2013

Securing enterprise mobility in Malaysia’s BYOD world

By Mark Micallef, Area Vice President, ASEAN, Citrix

The explosion of mobile devices is a huge challenge for IT organizations in many enterprises today. The emergence of Bring Your Own Device (BYOD) in Asia – and the mobile workstyles that it enables – brings with it significant benefits to the enterprise including a more productive and happier workforce and increased efficiency.

In the Citrix Workplace of the Future report released in 2012, Malaysia is ahead of its global counterparts in the number of devices used in the workplace, with an average of 6 devices per person, higher than the average of 4.43 devices globally and 4.39 devices in Asia Pacific. This indicates that Malaysia is a step ahead in embracing enterprise mobility.

As employees bring their smart phones and tablets into the workplace to access the corporate network, business applications and enterprise data, it is essential for IT teams to improve security of the multiple access points.

With the increasing diversity of devices entering the workplace and the growing need for compliance today, a secure enterprise mobility solution will require both mobile device management (MDM) and mobile application management (MAM).

Mobile device software works well when all the devices the IT department manages are company-issued as the software allows IT to restrict the types of applications the end-users are allowed to download onto the device.

But when personal devices are brought into the workplace with a multitude of settings, controls and operating systems, the standalone mobile device management software will not give IT the granular control that they need. This raises the risk of security issues beyond acceptable levels in today’s compliance-centric world.

Enterprises, therefore, require a comprehensive approach that extends beyond device management to include mobile application, as well as content and services management. This allows IT to enable the end-user to be fully productive without compromising on security requirements.
Securing your enterprise one app at a time

There are three key factors of a comprehensive mobility management solution.

Separation of corporate apps and data from personal apps and data
Segregating corporate apps and data from personal apps and data on a user device allows IT to create specific policy-based controls for apps that prevent corporate data security from being compromised.  With the segregation, IT can use mobile data leakage prevention software to lock, wipe and encrypt apps and data specific to the enterprise.

Restrict access to the corporate LAN via Micro VPN
By allowing the mobile device access to the corporate network via a Micro VPN over the SSL VPN, IT is able to restrict access to apps it considers illegitimate. Micro VPN functionality does not require a device-wide VPN that can compromise security on untrusted mobile devices. As a result, the internal network is not exposed to viruses or malware that could infect the entire corporate system, and corporate mobile apps and personal mobile apps are able to co-exist on one device. A mobile application management solution with a micro VPN technology fills a significant gap left by traditional secure remote access technologies.

Granular control for enterprise IT team
By giving enterprise IT granular control over all native and HTML5 mobile apps, enterprise IT is able to set strong authentication and endpoint analysis before permitting users to download and install applications on their devices.

Mobile Application Management will come to the forefront as a key enabler of enterprise mobile security in the months ahead as it gives IT teams the ability to centrally control and configure policies based on users’ identity, device, location and connectivity type so as to restrict malicious usage of corporate content.

In the event a device is lost or stolen, business applications and data can be disabled, locked or wiped remotely. The overall effect is a solution that increases employee satisfaction and productivity, while ensuring security and IT control.

No comments: