The biggest risk of mobile computing continues to be unauthorized physical access to the device as a result of loss or theft, but threats of viruses to mobile devices continue to grow. The vulnerabilities of these smartphones and their unprotected applications allow easy access into the enterprise’s systems and data environment.
Mobile device/information management (MDM/MIM) solutions are one type of technology that can be implemented. They generally have some method of device registration, monitoring and remote wipe in case of loss or theft. More advanced versions of these management suites include the ability to create separate, encrypted data partitions to store and access corporate data. Another advanced option within MDM/MIM solutions include data leakage prevention (DLP) functionality. DLP software provides some protection for end-users and applications copying and distributing proprietary and confidential information.
Still, these security solutions – which primarily address the physical and logical perimeters of IT systems and applications – are insufficient because devices are configured to bypass them to allow communications to critical enterprise resources and access to internal applications and data.
In addition to device-based solutions, a forward-thinking company should factor in data security. To mitigate the risk of data loss, theft and corruption on mobile devices, it is important to minimize, if not eliminate, all assets from being stored on the device. Development of web-based applications that can be accessed and viewed via mobile browsers allows companies to concentrate on higher levels and availability of server-based authentication and access security solutions. Maintaining data at the servers – rather than pushing it to the devices – decreases the possibility of data loss and centralizes the security administration, resources and tools within hardened data centers.