Take our FREE 30-Day Trial with no obligation required.

Experience for yourself why MaaS360 is a leader in MDM Solutions.

Divider

Fill out your information below to start.

Your email and personal information are confidential, and will not be sold or rented. See our Privacy Policy for more information.

Loading...
Loading...
Click here to hide

MaaS360 by Fiberlink

BYOD: Overcoming Risks Posed by Cloud-based Services

As cloud services continue to develop and bring your own device (BYOD) spreads its wings, how should organizations shape their strategy for managing their mobile workforce?

BYOD: Overcoming Risks Posed by Cloud-based Services

by Pragati Chaplot Jain | August 29, 2012

The epic account hack of Wired Journalist Matt Honan has been talk of the town. I can recount stories of employees putting their organization's reputation at risk through negligence, but never realized how easily our digital lives could be threatened. This incident serves as a good reminder of smartphone best practices, and the importance of data backup and encryption. It has also raised questions about the security of data in the cloud. Are cloud-based services well-understood? Are they worth the risk? Do they decimate data security?

Within the past decade, cloud-based solutions and services have gained popularity for their access via the Internet. This blessing has turned to a curse in mobile environments where the end users or mobile workers do not practice safe methods for accessing their data and leave open security holes for the cyber criminals to exploit. A worker’s careless attitude or negligence only adds more complexity to an enterprise’s environment.  

As cloud services continue to develop and bring your own device (BYOD) spreads its wings, how should organizations shape their strategy for managing their mobile workforce?

Creating a self-service system

Cloud-based services in the mobile world have allowed enterprises and vendors to take computing to a new level by allowing seamless navigation of data from the cloud to the devices and vice-versa. Today’s workers are connected to their colleagues at work even from afar. However, enterprises must deploy strategies that grant IT control over endpoint connectivity, supplanting the existing reliance on end-users to do it themselves. Unsecured connectivity choices such as public open Wi-Fi hotspots only exacerbate data security problems.

Protecting data on mobile devices

With the inception of mobile devices, the mobile workforce is a growing community in many enterprises. No doubt, the devices house both personal and enterprise sensitive information. Thus, maintaining visibility and protecting the data on the device is an important deliverable of a mobile cloud management strategy. If the device gets lost and the sensitive data is leaked, the mobile device management (MDM) tool must allow IT to track it and perform a remote wipe of the device.

Stemming from the fear of losing all personal data contained on the device, some customer forums have denounced  the remote wipe feature and discouraged employees from enrolling their device in their organizations’ MDM solution. It is the responsibility of business executives and IT management to educate their employees on the ramifications of bypassing enrollment. This conversation should include an explanation of content management strategies for securing and retrieving their personal data in case of any mishap.

Controlling the enterprise mobile app ecosystem

Cloud-based services such as Google Docs, Dropbox, Sky Drive, Pocket Cloud have empowered employees to remain connected with their colleagues at work and access corporate resources anytime, anywhere. But unmonitored download activities can also act as a gateway for malware and other phishing attacks. Thus, along with protecting the device data, having visibility and control of the mobile app ecosystem is useful in an efficient mobile cloud management solution. Another strategy is to customize or create in-house thin applications that pull out only the required data from the cloud.

Defining a policy for your mobile ecosystem

Another curative mobile cloud strategy for enterprises is to deploy a transparent policy management system that monitors the behavior of their mobile workers. As users continue to use services to upload their phone data to the cloud, IT admins must conduct a risk assessment of their landscape and form a mobile strategy that includes data leak protection, data backups across devices and servers, corporate communication over a secured tunnel, two-factor authentications between devices and corporate resources. IT administrators must deploy mobile device policies to:

  • State the type of content eligible for storing in the cloud
  • Monitor the type of data being uploaded into the cloud
  • Define which enterprise applications may be accessed from the cloud
  • Deny data access to  former employees
  • Enforce data encryption on the mobile device

If you run your IT systems from and within the cloud, it is highly recommended that you deploy tasks for creating mirror images of the enterprise data residing in the cloud.  

Managing data access costs

For a good return on investment in cloud-based services, it is important to control access costs incurred by mobile workers. For example, if a mobile worker is an area where he has 3G service as part of his data plan and ends up using a paid wireless connection, it could lead to an unreasonable increase in spending. Thus, it is important to carefully monitor and control the investment in data plans.  One of the curative approaches is deploying a mobile expense management (MEM) solution that provides relevant notifications to a mobile worker of the different data access options he has for a given location and suggesting the best access option.

Reliable cloud data security can be instituted with careful planning and investment. What is your enterprise mobile strategy for monitoring cloud data security? Please share your experiences and challenges with mobile cloud data management.

, , , , , , , , , , , ,

vidcloudSec200x157

Cloud Security 101

IT is moving to the cloud, but are the security, legal and privacy implications of the move to a serverless organization well understood? This question increases in significance as bring your own device intersects with mobile device management on the IT roadmap.

Read more...

Post a Comment

No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments

Get Involved!

Sign in using one of your existing social accounts.

...or manually register for a new account here.

@MaaS360 on Twitter more...

Most Active Users

vhetrick
Ryan_Roth
jharrington
Joe Pappano
bcampbell
Donna Lima
jwittkopp
KaylaBittne...
manthony
Kumar A
Sobek
Fov
TRUSTe European Safe Harbor certification TruSaaS
© Fiberlink Communications Corp. All rights reserved. Privacy Policy
All brands and their products, featured or referred to within this site, are trademarks or registered trademarks of their respective holders and should be noted as such.