Key Mobile Admin Features That Enhance Enterprise Security
Enterprise security is one of the priorities of any business that has a mobility strategy in place, whether the devices being used are owned by the company or part of a BYOD (Bring Your Own Device) program.
Google has their own Android Enterprise management tool to implement security features, but offerings from other vendors are also available. (1)Here are some of the key features that are needed to ensure the security of your business when working with mobile devices.
Stopping Data Leaks
Once a user account is set up with appropriate permissions, it should be up to the administration team to control it. Due to the way some mobile devices work, there may be ways around this.
The key features needed here are the option to deny users the ability to create or modify accounts, along with blocking attempts to change user credentials. Further, no physical external storage devices should be allowed to connect, including hard drives and USB storage devices.
Further, USB debugging should also be blocked as this offer the potential to transfer data too. (2)
Preventing Unauthorized Usage
Using a passcode is a simple start, but unified passcodes – using the same passcode for personal and work accounts – should not be allowed. Smart Lock should be disabled, as this allows multiple ways of unlocking a device – the mere presence of a particular “trusted” Bluetooth device may allow the device to unlock.
Similarly, face and iris unlocking should be blocked, as these systems can be tricked, sometimes by something as simple as a photograph of a recognized face. (3)
One point that can be overlooked is the screen timeout length. Some users like to have a five-minute timeout as they may have information on-screen they like to read slowly. Others just don’t want to have to unlock their devices so often.
Unfortunately, if the device is put down and remains unlocked for an extended period, anybody could walk by and pick it up, immediately gaining access to all the data on the device. A short time-out period will prevent this from occurring by locking the device quickly. Enforcing this through the enterprise management security policy is the best way to prevent unauthorized access.
Setting It Up Correctly
Security for enterprise mobility can be very tricky to configure properly if it’s not something you’ve done before and keeping on top of it to ensure all the latest recommendations are enforced can soon become a full-time job in a company with a large number of mobile users.
Using the services of an experienced Mobility Lifecycle Management (MLM) company will minimize the amount of time you need to spend doing this while maximizing the security of your enterprise. With the added benefit of many of these companies providing technical support to your users, it makes sense to use professionals.
References