The increased use of smartphones and tablets in the enterprises means IT security teams now must set controls on all those mobile endpoints. The aim is to ensure compliance and acceptable use policies, but there's nothing obvious or easy about meeting this challenge. This guide brings insights on the scope of the mobile challenge and the various approaches that enterprises (and vendors) are taking in response. We'll look at how to set strategy and policies to ensure successful mobile device management, and also zero in on the tools, software and training required to turn policy on paper into effective action. Because the security landscape never stops changing, we'll also consider more advanced topics like mobile application management, device visibility, containerization and more.
1STRATEGY AND POLICY-
Mobile device management strategy and policy
The number and types of mobile devices employees are bringing into the enterprise is exploding, and information security pros need to get a plan in place now to deal with them. A clear and comprehensive mobile endpoint security strategy, backed by effective policies, is crucial to figuring out exactly how to keep sensitive company information secure. Read on to learn about the risks mobile devices present, and why a well-thought-out strategy, backed by focused and effective policies, are the best first steps toward meeting the challenge of a secure, modern mobile business world.
Nearly 60% of respondents to our 2013 Enterprise Mobile Security Survey think mobile devices present more risk now than in Q2 2012. What's changed? Continue Reading
With the growth of BYOD, what measures can IT take to ensure enterprise data security, and what role does mobile device management fill? Continue Reading
2TOOLS AND TRAINING-
MDM tools, training and software
Once a company's information security experts have set their strategy and devised policies to meet the mobile challenge, the next step is to take action. The transformation from policy to effective action requires both advanced tools and employee training. The MDM product landscape changes rapidly; here's some of the latest intel for infosec pros to help them evaluate the available tools and vendors. And don't forget that crucial other step in achieving mobile endpoint security: employee training. The best tool in the universe has zero effectiveness if it's not used, or not used correctly.
Employee-owned smartphones and tablets in the workplace are the biggest potential hole in company network defenses. Mobile device security training helps users think twice before clicking download. Continue Reading
Focusing on the endpoints
Those handy little devices -- laptops, smartphones, tablets -- that improve our 21st-century lives can also be the source of nightmares for security professionals. The brands and capabilities of mobile endpoints are proliferating month by month, and enterprise IT departments must consider the particulars of each type in order to implement an MDM strategy. This section of our guide addresses the peculiarities of various endpoints, how to secure them and what to do when the worst happens -- when a mobile device filled with valuable enterprise data is lost or stolen and has the ability to connect to enterprise data resources.
A Gartner analyst says enterprise BYOD presents many pros and cons for enterprise endpoint security Continue Reading
Interconnected devices and MDM-resistant smartphones are only two of the mobile security issues ahead, as infosec pros learned at a recent international conference on security and risk management. Continue Reading
Mobile users deserting BlackBerry now must consider the security capabilities and gaps of the other mobile device options -- Android, Windows and Apple iOS. Continue Reading
Passcodes won't keep a thief out of files on a lost or stolen mobile device; a remote data wipe capability is key to any mobile device security policy. Learn how each OS handles it differently. Continue Reading
Under the COPE model, companies buy mobile devices for users but loosen the reins a little. It's supposed to be a more manageable alternative to BYOD. Continue Reading
Moving beyond mobile device management
In the modern security world, it's no longer enough to merely secure mobile devices. CIOs, infosec pros and MDM vendors must broaden their horizons and consider growing threats like mobile malware. The security vocabulary must expand beyond MDM to include mobile application management (MAM), mobile information management (MIM) and more. Or, as one of our experts in this segment of the guide puts it, "MDM is a necessary, but not sufficient, mobility management capability today."
If you're struggling to understand the differences between MDM and MAM, you're not alone. Learn all about the various technology options in enterprise mobile security management. Continue Reading
The increasingly widespread use of wireless handhelds in the enterprise is just one reason why malware pros are getting serious about mobile malware. Lisa Phifer details why smartphone and PDA viruses and malware are on the rise and how enterprises can protect their sensitive data. Continue Reading
5EMERGING MOBILE ISSUES-
Emerging issues: Device visibility and containerization
A security pro's work is never done! If change is the only constant in the security world, that means that once you have an MDM strategy and policy in place, and mobile endpoint management begun, the potential new threats and means for meeting them must next be considered. Read this segment of our guide to learn the latest about device and application visibility, containerization and other advanced concepts.
A new generation of application visibility and control (AVC) tools lets network managers peer into applications across a WLAN infrastructure and optimize how traffic is delivered. New AVC tools will help deliver a wider range of critical applications to personal and enterprise-issued devices. Continue Reading
Network access control (NAC) is dead. Long live endpoint visibility, access and security. Continue Reading
Some enterprise mobility management technologies are pretty complex. Secure containers try to fix that with a focus on mobile data protection. Continue Reading
What's the difference between mobile virtualization and delivering virtual desktops to mobile devices? One enables access; the other separates work and play. Continue Reading
Once you know the basics of MDM, it's time to look into more advanced mobile device management software for service, app and document management. Continue Reading
BlackBerry's Secure Work Space for iOS and Android will help heavily regulated companies or those searching for extra security containerize information. Continue Reading
MDM videos: From basic concepts to new ones
Reinforce what you've learned in the preceding guide sections with these essential videos from the SearchSecurity team of independent IT professionals. These audiovisuals cover the fundamentals of MDM as well as the emerging concepts you need to know.
Why is mobility the biggest challenge facing enterprise endpoint security?
BYOD is a hot trend in enterprise IT, and this video examines security challenges, security techniques and management strategies necessary for a successful BYOD program.
Learn the latest on endpoint integrity enforcement and what to ask vendors and groups within your own organization to keep infected, noncompliant endpoints from threatening your business.
Learn all about next-generation endpoint data security strategies and how to integrate endpoint technologies to spot persistent attackers.
Key terms for the MDM world and beyond
Parlez-vous MDM? Be sure you're fluent in the key mobile device management concepts. Learn our list of words to know and understand.