‪Debunking four mobile security myths‬‬‬‬‬‬‬

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

Even with the rapid adoption of mobile in the enterprise, there are a lot of misconceptions about user privacy, security and compliance.  We debunk the most prevalent mobile security myths.

* Myth 1: Mobile Device Management (MDM) is the cornerstone of my mobile security strategy

MDM has come a long way in helping facilitate the use of mobile devices in the enterprise. However, the device-level insights that MDM provides produce only a small subset of the information necessary to make strategic security decisions. Enterprises need comprehensive visibility over their entire mobile data ecosystem the device, the app, the network, etc. and not just a device-level solution.

Data on the device is only half of the mobile security challenge data migration to the cloud being the other half. Enterprises need a mobile security platform that not only protects data everywhere, but also empowers users with the apps and devices that they want to use. With a comprehensive solution organizations will have the necessary visibility, control and threat intelligence to deliver on a comprehensive mobile security strategy.

Myth 2: My Mobile Data Is Only On My Mobile Device

Enterprises often believe that their mobile data is stored only on their device but in reality, data can go anywhere (and ultimately does go everywhere), and enterprises have no way of tracking or protecting that data.

IT needs to begin viewing data security, then, as the first line of defense (not as the last). A mobile security approach that provides IT with visibility into which data has crossed the boundary of the enterprise and where it has gone will allow IT to make the necessary informed decisions about how to control that data. And because the controls are tied to the data, the user's native app experience will be left untouched, allowing the user to take full advantage of their capabilities.

Myth 3:  Avoiding BYOD will ensure that my data is secure

Over 28% of corporate data is accessed through mobile devices, and this will only continue to trend upward. Users access this corporate data with specific apps, manipulate the data across multiple devices, and potentially store it in the cloud. Regardless of whether your organization chooses to implement BYOD, your employees will continue to use their own devices to access corporate data when they want to. For this reason, it's best to rely on solutions that secure more than the device.

Myth 4: IT should dictate where my data goes

Mobile security begins with information gathering and ends with ensuring that IT and your employees are cooperating effectively. IT teams must look for visibility solutions that fill the knowledge gaps--where users are using, storing, and sending data--before going down the path of putting control policies in place.

For instance, if an organization's users are storing data in the cloud, IT should work with them to know exactly which services they are leveraging. This way, IT can vet those services and ensure that they align with an organization's security policies and make one or  two the corporate standard. Collaboration between IT and users, then, can make it possible for users to have the experience they want and IT to have the security it needs.

Read more about anti-malware in Network World's Anti-malware section.

Join the CSO newsletter!

Error: Please check your email address.

Tags NetworkingsecuritywirelessWireless Managementanti-malware

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Caleb Sima, CEO, Bluebox Security

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place