Law firm restricts mobile data access in the danger zone

The IT pro: Anthony Visceglia is a systems engineer at a global law firm.

Anthony Visceglia

The problem: IT needed a way to temporarily restrict mobile data access to sensitive corporate information in blacklisted countries and then restore full access once the employee returned home. "There is no way to completely secure the data that's on an employee's personal phone, and we can't force all their data to go through a secure VPN," Visceglia said. Plus, there's no guarantee that a foreign government isn't tapping into travelers' devices.

The strategy: The firm uses SecureAuth and Ping Identity to enforce location-specific policies for mobile data access. When an employee overseas needs to access certain data, a push notification asks for a biometric marker to confirm their identity. "As soon as they step out of the country, they immediately have access again without delay or the need for a help desk ticket to have someone [in IT] manually switch over the data," Visceglia said.

The result: The firm has seen a dramatic reduction in help desk calls and tickets from traveling employees. Meanwhile, mobile workers don't have to worry about security interfering with their workflows. "We can use it on a résumé to attract new business or differentiate ourselves from our competitors, that we meet some of the more technical, IT-specific standards," Visceglia said.