‪Debunking four mobile security myths‬‬‬‬‬‬‬

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

Even with the rapid adoption of mobile in the enterprise, there are a lot of misconceptions about user privacy, security and compliance.  We debunk the most prevalent mobile security myths.

* Myth 1: Mobile Device Management (MDM) is the cornerstone of my mobile security strategy

MDM has come a long way in helping facilitate the use of mobile devices in the enterprise. However, the device-level insights that MDM provides produce only a small subset of the information necessary to make strategic security decisions. Enterprises need comprehensive visibility over their entire mobile data ecosystem the device, the app, the network, etc. and not just a device-level solution.

Data on the device is only half of the mobile security challenge data migration to the cloud being the other half. Enterprises need a mobile security platform that not only protects data everywhere, but also empowers users with the apps and devices that they want to use. With a comprehensive solution organizations will have the necessary visibility, control and threat intelligence to deliver on a comprehensive mobile security strategy.

Myth 2: My Mobile Data Is Only On My Mobile Device

Enterprises often believe that their mobile data is stored only on their device but in reality, data can go anywhere (and ultimately does go everywhere), and enterprises have no way of tracking or protecting that data.

IT needs to begin viewing data security, then, as the first line of defense (not as the last). A mobile security approach that provides IT with visibility into which data has crossed the boundary of the enterprise and where it has gone will allow IT to make the necessary informed decisions about how to control that data. And because the controls are tied to the data, the user's native app experience will be left untouched, allowing the user to take full advantage of their capabilities.

Myth 3:  Avoiding BYOD will ensure that my data is secure

Over 28% of corporate data is accessed through mobile devices, and this will only continue to trend upward. Users access this corporate data with specific apps, manipulate the data across multiple devices, and potentially store it in the cloud. Regardless of whether your organization chooses to implement BYOD, your employees will continue to use their own devices to access corporate data when they want to. For this reason, it's best to rely on solutions that secure more than the device.

Myth 4: IT should dictate where my data goes

Mobile security begins with information gathering and ends with ensuring that IT and your employees are cooperating effectively. IT teams must look for visibility solutions that fill the knowledge gaps--where users are using, storing, and sending data--before going down the path of putting control policies in place.

For instance, if an organization's users are storing data in the cloud, IT should work with them to know exactly which services they are leveraging. This way, IT can vet those services and ensure that they align with an organization's security policies and make one or  two the corporate standard. Collaboration between IT and users, then, can make it possible for users to have the experience they want and IT to have the security it needs.

Read more about anti-malware in Network World's Anti-malware section.

Tags: security, Networking, wireless, Wireless Management, anti-malware

While Heartbleed distracts, hackers hit US universities

MORE IN Access Control
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Business Continuity Management Solutions

Automate business-continuity and disaster-recovery planning and enable crisis management in one solution.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).

  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.