The rise of business mobility is accompanied by a corresponding increase in risk. Gartner estimates that more than a quarter of all corporate data traffic now bypasses perimeter security entirely, flowing directly from mobile devices to the cloud. So, it’s no surprise that attackers are increasingly targeting mobile devices in order to expose sensitive business and personal data. AT&T’s 2017 Cybersecurity Insights Report found that employee mobile devices are now the No. 1 source of breaches.
Nevertheless, the business use of mobile devices continues to accelerate. Most companies these days would tell you that smartphones, tablets and laptops are essential for conducting business, and they are, in fact, looking for new ways to boost their use of mobile computing.
These factors all point to the need for solutions that strengthen mobile security. Most industry analysts agree that enterprise mobility management (EMM) solutions should be a central component of any organization’s overall mobile security framework.
EMM improves security by helping IT implement and enforce security policies across a range of mobile devices. EMM tools also improve device management by streamlining onboarding, allowing administrators to push out updates and applications, and enabling personal and business data to be segregated.
451 Research projects that global EMM revenues will grow at a compound annual growth rate of 25 percent through 2021, with total revenue forecast to jump from $6.92 billion in 2017 to $16.29 billion in 2021. One reason for this growth is that organizations have come to understand that many traditional solutions are inadequate for mobile security.
In a study on mobile device security, the Department of Homeland Security noted that threats exist across all elements of the mobile ecosystem, including devices, operating systems and applications. These threats require a security approach that differs substantially from the protections developed for desktop computers, largely because mobile devices are exposed to a distinct set of threats, frequently operate outside of enterprise protections and have evolved independently of desktop architectures. The portability of mobile devices also increases risk because of the ease with which they can be lost or stolen.
Further complicating mobile security is the fact that end-users and businesses greatly overestimate the default protections on mobile devices. Although it is widely assumed that vendors and service providers have implemented protective measures, security is largely the responsibility of the user.
EMM solutions address these challenges by combining encryption, authentication and other security measures for the mobile ecosystem. They generally consist of a client agent that resides on the mobile device, receiving and implementing management commands from an administrative dashboard.
EMM actually combines a variety of mobile management tools, including a mobile device management (MDM) system to lock down the device, a mobile application management (MAM) tool to control and secure enterprise apps, and mobile information management (MIM) to protect business-critical data. EMMs also can interface with third-party data sources, including services that provide threat intelligence data about potential security issues with mobile apps.
Administrators can implement a variety of policies through the EMM dashboard. These policies can be used to whitelist or blacklist certain applications, automatically enforce compliance with notifications and app removal, restrict the use of specific devices, disable access to social media and other sites, control wireless settings, disable content sharing, and much more.
Without question, more work is getting done on mobile devices. As such, organizations must make mobile security an integral component of a multilayered defense. IPC can help you evaluate EMM tools and work with you to integrate one of these solutions into your overall security framework.