The widespread popularity of smartphones among business users, remote access and the development of super fast connection networks such as 4G LTE and WiFi has fast tracked the need for policy for enterprise mobility solutions.
CIO’s and technology executives are continually faced with the need to meet the commercial demands of their organizations as well as balance the requirement for robust and secure environments in which their users can operate effectively, but the pace of change being experienced within the world of ‘mobility’ is fast becoming an issue when it comes to the latter.
At a recent meeting between senior IT leaders across both the public and private sectors, the general feeling was that effective enterprise mobility solutions could be defined as ‘how you get IT done’ and that mobility needs to ‘support the mission and be infused in the way agencies do business’ but, in terms of securing this agile and organic network, that all devices should be considered a hostile threat.
Organized by FedScoop, the group brainstormed their ideas for an effective strategy for how policy needs to be developed and incorporated and listed five points that should be considered to construct and manage a better, safer and more agile mobile IT environment.
1. Constant demand vs constant delivery
There is no denying that mobile devices have changed the way that we live our lives both socially and in business. The demand to access data is a permanent feature of their growth in popularity and is central to their success. As a result, more needs to be done to deliver ‘service without boundaries’.
However, it was also accepted that plans need to be developed to extend the capability and functionality of those not able to access WiFi and Wireless networks to benefit from the functionality afforded to other personnel. The potential of enterprise mobility solutions to extend beyond their current status as simple call, email and agenda syncing is vast and more needs to be done to extend its capabilities.
2. Data is King, give it an Outrider
The cybersecurity industry has long been treating static environments as strongholds and defends them as such. The need to move the mindset to reflect the fact that it is the data exchange and traffic, which needs to be policed, is now more important than ever. If the data is in motion then so too must be the defenses. The consensus of the focus group was that IT departments need to take a holistic view of their networks and the flow of data within it and to assume that, as all devices pose a threat, that protecting the traffic from end to end was the most important way of mitigating risk.
Monitoring, planning and investing in secure coding as well as creating responsive and adaptive infrastructure are all key factors in securing mobile networks.
3. Adopt cohesive procurement strategies
Business users are consumers, and, therefore, expect a great deal of choice in their selection of mobile computing. As a result, organizations have adopted a policy of choose/bring your own device without considering the wider impact on security as well as reliability, functionality and adaptability. The group concluded that maintaining a coherent but flexible procurement strategy for mobile technology would go a long way to assisting IT departments in maintaining a more secure and adaptive working environment.
The feelings of the group were that traditional models for procurement took too long and, as a result, excluded new to market technologies as well as locking in policy, which denied the business the opportunity to remain agile, responsive and flexible.
4. Start with good housekeeping
In order to move forward with a cohesive strategy and policy for secure enterprise mobility solutions it is necessary to start with the front line defense- the user. They are the important stakeholder in security policy and need to be educated and empowered with the right information and tools to help defend the mobile network.
Security is not enhanced by top-down commands and writs as these inevitably become out of date and do not keep up with the pace of both the business and the threats. Individuals should be encouraged to show creativity with problems and to take risks (within policy) to keep track with evolving technology.
5. Policy should be simple
Governing such a fast changing landscape can be a struggle and with mobile technology being such a diverse and organic field, the group was in no doubt that complex strategies are out. What is needed is clear, precise and simple policy to establish standard guidelines that work from the ground up, can be adaptive to change and provide adequate measures to deliver a robust and secure enterprise mobility solution.