Share

Mobility security is no longer about MDM

By Richard Dornhart, National Practice Manager – Security, Data#3

As we’ve discussed in previous posts, enterprise mobility should be approached as a “people first” strategy not a “technology first” project.

However, whenever mobility discussions arise within a business, typically the first thoughts are often based around securing and managing the mobile device. That’s because the IT department sees mobility as a risk – how do you protect corporate data if a device is lost? What if confidential information is being downloaded outside the corporate firewall?

Mobility Security

This thinking then generally leads to mobile device management (MDM) and a technology first approach, which is understandable because in the early days, mobility was always about the device and how it is managed, locked down and “protected”. But not any longer.

This isn’t to say that security and device management are not important because they obviously still are. What we’re advocating is a user first, technology second philosophy instead. Business is predicated on people and productivity so technology should be viewed as something that can support that, not constrain it.

It’s about a framework approach that considers every element of mobility, bringing them together to deliver on the enterprise mobility promise – ‘The Anywhere Workplace’.

So if it’s not just about MDM, then how do you address security and management concerns?

The first step is to shift the discussion away from the device. The device is not nearly as important as who is using it, where they’re using it and what it’s being used for. The conversation shifts from the device to the information that is on the device, or being accessed via the device – that is the real asset.

Users also have multiple devices these days and they constantly shift between those devices depending on where they are and what they’re doing. This is only going to increase as the wearables market heats up with new products and new capabilities, so focusing on the device becomes even less relevant.

Security in this situation must be frictionless. If security is implemented as a device centric function, it acts as a roadblock – and people will look for ways around that roadblock. You need to provide users with a consistent, platform experience, regardless of whether the device is a 1 inch smartwatch or a 65 inch conference screen. An experience in which security is an intrinsic component linked to the user and the information being accessed, not an IT enforced add-on.

This is where context comes in, knowing who should be accessing what information, where and when. This can only work if you have an inherent understanding of the different user roles within an organisation and can document it via a user segmentation exercise – the topic of a previous blog post.

However, that’s not the only consideration, you must also understand your information. Information is constantly evolving and organisations are struggling with the burden of unstructured data. The solution is to carefully classify this information to provide context. For example, sensitive financial information may accessible inside the office but not outside the office. When combined with user roles, your systems can then make informed decisions. Policies can dictate how that data can be used and where it can be consumed, giving you comfort that situations and combinations of information and devices you may not have considered are fully protected without impacting the user experience.

Tags: Data Security, Enterprise Mobility, Mobile Device Management (MDM), Mobility, Security

Featured

Subscribe to our blog

Related

A guide to using Adobe Sign in Teams
A step-by-step guide to using Adobe Sign in Microsoft Teams

Are you tired of chasing paper or working manually with repetitive tasks? Do you need to reduce the gap between…

Device Review - Lenovo ThinkPad L13 Yoga Gen2
Set up your students for success with the Lenovo ThinkPad L13 Yoga Gen2

The pandemic is affecting many facets of our daily lives, none more so than the way we learn. As schools…

Customer Story: St Peter’s College

St Peter’s College innovates in the data decade For St Peter’s College, a leading independent boys primary and secondary…

What's new from Adobe DC and MS Teams
Here’s what’s new from Adobe Document Cloud and Microsoft Teams

With hybrid workplaces now the standard, digital document processes have become essential to business continuity. As a result, these once-manual…

A Day in the Life of MS Teams and Adobe DC Infographic
A Day in the Life with Microsoft Teams and Adobe Document Cloud

Today, we all rely on digital documents to keep businesses running – but managing approvals across a hybrid workforce is…

Citrix on Azure
Citrix on Azure: 4 things to know before moving from on-premises to the cloud

Over the last year, organisations around the world have had to rethink the workplace technology they provide to their people.

Remote Working on Citrix Azure
The security risks of remote working and how Citrix on Azure can help

We are living in a time of significant change when it comes to how and when we work. The events…

Microsoft Data#3 Certified
Data#3 leads the way with Microsoft certifications and advanced specialisations

August 10, 2021; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, today announced that it has successfully renewed…