Getting Beyond Crisis: The Next Phase of Mobile Security
Since the onset of the global pandemic, nearly 76% of knowledge workers are now working from home. For many companies, this shift happened almost overnight, and we are unlikely to see a rapid shift back to offices anytime soon. If anything, companies may try to adopt a hybrid model that involves splitting time between home and corporate offices. In the near term, can enterprises securely enable a remote workforce through this time of uncertainty?
We know that workers of all stripes have struggled to stay secure and productive at home. They face unprecedented challenges, such as inadequate bandwidth, access to company resources, and increased cyberthreats. In fact, nearly 50% of organizations have reported an increase in cyberattacks since the mass shift to remote work began in March 2020.
As businesses begin to enter the next phase of mobile security, here are a few things to consider:
Keep enterprise data secure
Hackers view the pandemic as a huge opportunity. In March 2020 alone, Google blocked as many as 18 million COVID phishing emails per day. Hackers are building and mounting fake scam websites in a day. At the same time, many employees are working on poorly secured home Wi-Fi networks and personal devices. This makes it much easier for hackers to gain access to unprotected devices. Once this happens, bad actors can turn a device into spyware by taking over the camera, microphone, apps, and more.
That’s why it’s absolutely critical to deploy a solution like MobileIron Threat Defense (MTD) on any device that accesses enterprise data. MTD can prevent users from accidentally clicking on malicious links or falling prey to a phishing scam that can ultimately be used to gain access to enterprise systems.
People think they are more secure than they really are
Let’s face it, many users may be worried about security, but they don’t take the necessary precautions to keep their devices secure. They may think outdated antivirus software is adequate protection against cyberthreats. They may let their kids use the devices they also use for work. They may even leave sticky notes with passwords lying around. While user education is critical, you also have to ensure that only trusted users, devices, apps, and networks can access your business resources.
This is where zero trust security comes into play. By continuously monitoring the security posture of devices that access company resources, MobileIron UEM can ensure that any device that’s out of compliance can be blocked until the security issue is addressed. In some cases, like when a device has been lost or stolen, we may want to remove sensitive data or even completely wipe a device.
It’s challenging to get help from IT
With many employees working from home, they no longer have convenient access to the help desk. This means that when users struggle to troubleshoot device issues, network access, or app problems, they aren’t being productive. In the era of remote work, both IT and end users need better options to stay connected.
Tools like MobileIron Help@Work can help both IT and remote workers stay connected to reduce downtime that results from mobile infrastructure problems. Remote workers simply access the Help@Work app and an IT admin can view the device remotely and guide a user through a series of helpful steps or, on some Android devices, the admin can even remotely control the device.
Quickly onboarding users and devices is critical
This is often an overlooked process, but it can have a major impact on the employee experience. Today workers do almost everything on their mobile devices, and they expect immediate and seamless access to company resources. They don’t want to wait a week for a desktop. They also may want to use their own device, or at least use an OS or device they already know well. This is why BYOD adoption has skyrocketed in the age of COVID. However, it’s not just a matter of allowing employees to access business apps or data on their personal devices. You also have to keep their personal photos and files private. They don’t want IT tracking what they are doing outside of work.
This is why many companies have turned to MobileIron and AT&T Cybersecurity to enable BYOD. Our UEM platform allows IT to keep apps and data secure and separate on the device and prevent hackers from accessing business apps or escalating privileges. At the same time, IT can’t collect personal data on employees. So we enable both corporate security and employee privacy on the same device.
When it comes to managing devices that are owned by the company, we have even more tools to streamline the onboarding process. Thanks to programs like Apple Business Manager, Android Zero Touch, and Samsung Knox Mobile Enrollment, organizations can ship devices that will enroll with MobileIron and receive all of their apps and configurations as soon as they are powered on and connect to a network.
IT absolutely has to get rid of passwords
End users need to be able to do more on their own and rely less on IT. This is why we have to get rid of passwords, which are the Achilles’ heel of every organization. We know that passwords are insecure and kill productivity when users have to maintain a separate login to all of the apps they use. And thanks to phishing and other cyberthreats, passwords are still the number one cause of corporate data breaches.
We must stop this behavior.
Employees want a simplified login experience across all devices and apps, especially with so many of them working from home. MobileIron eliminates usernames and passwords with a combination of certificates and biometrics like Android facial recognition or FaceID/TouchID on an Apple device. To further simplify remote work, our per-app VPN Tunnel offers an amazing experience that allows users to access content behind the firewall by instantly authenticating with a certificate — no username or password is required. In fact, they don’t even know they have a VPN on their device, they simply open an app or navigate to a URL and Tunnel will silently do the heavy lifting for them.
Work with trusted advisors
The trends we are seeing in the marketplace require businesses to be vigilant about detecting mobile threats early and provide coordinated defenses against them. Yet, businesses want to focus on driving revenue up, costs down, and innovating all in a highly secure manner to delight customers.
Therefore, it is important to work with a trusted advisor like AT&T Cybersecurity, in partnership with MobileIron, on your journey to mobile security.
These are just a few things to consider as we strive to move beyond crisis management and manage remote work for the long haul. Want to learn more? Check out our recent joint webinar with AT&T!