Mobile data protection requires IT to handle a lot of moving parts. Devices and users move between different locations — often outside the office — and the data itself moves between devices, files and applications.
Safeguarding mobile data is extra complicated because there is so much variety among mobile operating systems and devices. An IT administrator’s first instinct might be to force users to work with specific devices, but many users want freedom when it comes to BYOD.
The best move is to establish security requirements for the devices and OSes IT allows, such as requiring a minimum OS version devices must run. Add in full device encryption, over-the-air mobile device management, remote wipe capabilities and activity monitoring, and IT has a solid base for mobile data protection. IT should also create password length and complexity requirements and establish a maximum number of failed login attempts on a device. It’s a good idea to enforce a set period of time for a device to lock due to inactivity.
Still, it’s the data on the devices, not the smartphones and tablets themselves, that IT should really worry about. Admins can turn to mobile application management (MAM) to take security even further. MAM can keep users from sideloading unapproved apps, and IT can push approved apps to users’ devices. Admins can also use MAM to manage application lifecycles, track app usage, encrypt application data and more.
Containers are also effective at keeping corporate and personal apps and data isolated from each other. They introduce a second layer of encryption and authentication. Plus, containers curtail users’ fear of remote wipe because IT can remove only the data within the work container.
Mobile content management (MCM) operates under a similar concept, essentially creating a lockbox for users to store important files. MCM tools provide a cloud environment for users to share and access corporate data, but IT can still keep an eye on it.
Mobile data security is about doing everything possible to keep track of who is doing what with what data. It is constantly evolving, but with some planning, IT can take measures to mitigate the risks of mobility.