Mobility security is no longer about MDM

By Richard Dornhart, National Practice Manager – Security, Data#3

As we’ve discussed in previous posts, enterprise mobility should be approached as a “people first” strategy not a “technology first” project.

However, whenever mobility discussions arise within a business, typically the first thoughts are often based around securing and managing the mobile device. That’s because the IT department sees mobility as a risk – how do you protect corporate data if a device is lost? What if confidential information is being downloaded outside the corporate firewall?

Mobility Security

This thinking then generally leads to mobile device management (MDM) and a technology first approach, which is understandable because in the early days, mobility was always about the device and how it is managed, locked down and “protected”. But not any longer.

This isn’t to say that security and device management are not important because they obviously still are. What we’re advocating is a user first, technology second philosophy instead. Business is predicated on people and productivity so technology should be viewed as something that can support that, not constrain it.

It’s about a framework approach that considers every element of mobility, bringing them together to deliver on the enterprise mobility promise – ‘The Anywhere Workplace’.

So if it’s not just about MDM, then how do you address security and management concerns?

The first step is to shift the discussion away from the device. The device is not nearly as important as who is using it, where they’re using it and what it’s being used for. The conversation shifts from the device to the information that is on the device, or being accessed via the device – that is the real asset.

Users also have multiple devices these days and they constantly shift between those devices depending on where they are and what they’re doing. This is only going to increase as the wearables market heats up with new products and new capabilities, so focusing on the device becomes even less relevant.

Security in this situation must be frictionless. If security is implemented as a device centric function, it acts as a roadblock – and people will look for ways around that roadblock. You need to provide users with a consistent, platform experience, regardless of whether the device is a 1 inch smartwatch or a 65 inch conference screen. An experience in which security is an intrinsic component linked to the user and the information being accessed, not an IT enforced add-on.

This is where context comes in, knowing who should be accessing what information, where and when. This can only work if you have an inherent understanding of the different user roles within an organisation and can document it via a user segmentation exercise – the topic of a previous blog post.

However, that’s not the only consideration, you must also understand your information. Information is constantly evolving and organisations are struggling with the burden of unstructured data. The solution is to carefully classify this information to provide context. For example, sensitive financial information may accessible inside the office but not outside the office. When combined with user roles, your systems can then make informed decisions. Policies can dictate how that data can be used and where it can be consumed, giving you comfort that situations and combinations of information and devices you may not have considered are fully protected without impacting the user experience.

Tags: Data Security, Enterprise Mobility, Mobile Device Management (MDM), Mobility, Security



Managed Services eBook
Your guide to Data#3 Managed Services

Digital disruption is causing significant changes in the workplace, leading to higher expectations for access, security, and support regardless of…

A truly seamless collaboration experience, all under one (hybrid) roof

The world is redefining work. Where we work has changed. How we work has changed. However, the thing that…

Can everyone hear me okay? The secret to better remote collaboration

To say that the way we meet and collaborate has changed is obviously an understatement. Let’s avoid buzzwords (I didn’t…

Data#3 Wins Schneider Electric Elite Partner Award
Data#3 named Schneider Electric Elite IT Solution Provider of the Year

March 17, 2023; Sydney, Australia: Leading Australian technology services and solutions provider, Data#3, today announced that it has been named…

JuiceIT Guest Blog | How video conferencing protects confidential communication, elevates work flow and improves user experience

The shape of the modern workforce is changing. However, fundamental business principles pertaining to government and council operations remain the…

Customer Story: Pernod Ricard Winemakers

Azure Migration gives Pernod Ricard Greater Flexibility and Improved Performance Download Customer Story Contact a Specialist…

Top Ten Tips: Microsoft Teams for Education

You would be forgiven for thinking Microsoft Teams has taken over the corporate world with how many organisations use it…

Data#3 wins Aruba as a Service award
Data#3 wins Aruba ‘as a Service award for two consecutive years

February 1, 2023; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, today announced that it has been named…