Enterprise mobility challenges – Identity, access and data security

By David Barclay, National Practice Manager, Data^#3

Previous articles in this series have described enterprise mobility – a game-changing, organisation-wide strategy for improved responsiveness, agility and competitive advantage. This article starts looking at some of the bigger mobility challenges to implementation.

Identity, access and data security are a tightly connected trinity of factors needing careful management in today’s mobile enterprise.

Let’s look at identity first – clearly only authorised users should be able to access corporate systems. This is a matter of basic good housekeeping, and is no longer technically challenging, with a range of technologies making it easy for administrators to manage the user base.

Access rights dictate what applications and data users should be able to use, and this is currently problematic for a lot of enterprises. Many corporate IT policies have not kept pace with the rise of cloud-based services and the ‘bring your own device’ (BYOD) movement, and are still based on locking everything down. While 20 years ago administrators could enforce ‘lock down’ policies because they were dealing with devices inside the corporate firewall, and which were owned by the organisation, that is no longer the case.

An increasingly savvy user base, familiar with a range of applications from their personal use of social media and content sharing platforms, seek out the best tools to do their jobs. Trying to restrict access to cloud-based services such as Dropbox, OneDrive, Box and others just drives activity underground, as users ‘go rogue’ in the quest to get their jobs done.

So part of your enterprise mobility management strategy must be to provide users with the tools they need to do their jobs. Recognise the range of work models and tasks that need to be supported, and provide sanctioned tools to achieve those outcomes.

Having addressed the issue of application access, you then need to control access to, and the security of, corporate data. And here we’re back to policies – but a new breed of policy.

Today’s policies must apply based on context. That is, not just what user is trying to access what application and what data, but also the location and device from which they are trying to access it, what they are trying to do with the data, and even the time of day at which they’re doing it.

Sophisticated policies now follow the information they protect. Let’s take an example. Joe is one of your sales force. Today, Joe’s in the office accessing client data from his laptop computer, an ordinary enough task, and one that’s permitted by the policies governing access to client data.

Fast forward to 11pm tomorrow night. Now Joe’s accessing client data from a tablet device over an external connection – no doubt working late, updating CRM system records with the details of today’s calls. But if Joe attempts to download all contact details for his client accounts to Dropbox, the policy governing Joe’s access to client data will block this action, on the assumption that this data is confidential and should not be saved outside the organisation’s systems.

Joe might then attempt to email the data to his personal address, and again a smart policy blocks him from taking corporate data outside corporate control.

This is the power of today’s enterprise mobility management tools – you can provide users with access to the data and functions they need to do their jobs, without compromising security.

If you need help find your way through the full range of solutions available in order to rapidly design and implement a solution that meets your unique requirements, engagement with an independent systems integrator such as Data^#3 will save you time and internal investment in conducting first principles research and learning.

We can help you secure your Anywhere Workplace.