Last week a colleague of mine Martin Casado the SVP & GM of VMware NSX division testified before Congress that the country’s cyber security defenses are “insufficient.” This is also very true for most organizations as they aim to achieve some measure of mobile security. As mission critical business workflows become more mobile and cloud, yesterday’s security protocols and measures designed for the PC era have become totally archaic.
As new cybersecurity threats surface it’s evident that a new approach needs to comprehensive and integrated. Who could have imagined the Stagefright bug that targeted nearly every Android device just a few years ago? It’s clear that mobile security now cuts across all areas of an organization – the business, users and IT. Mobile security has to be adaptive, predictive, contextual, behavioral learning with a rock solid compliance engine.
Take a step back and think about how mobile security has changed. Mobile security basically started off as MDM that evolved into EMM that now includes network security, identity management and threat management.
Who knows where it will be in 2020. One thing we know for sure is that it is constantly evolving like the late great David Bowie.
So what are the four essentials required when transforming your organization for mobile security success?
- Identity Management
- Enterprise Mobility Management
- Data Center Security
- Mobile Threat Management
This is the future of application access. Think Tom Cruise in Minority Report. It has to be biometric, facial recognition, etc. A friend of mine recently said Apple Pay wasn’t safer than him using his credit card. I had to remind him that anyone could theoretically get his credit card and ID to make a purchase but it would be significantly harder for them to use his phone and his hand. By the way, password management is not identity management. Let’s be clear about that. If you still don’t understand why identity management is important to mobile security, then I have some magic beans I would like to sell you.
Enterprise Mobility Management
Despite past reports MDM is not dead. Yes, it has been commoditized but it is absolutely essential for ensure mobile device compliance. Every IDaaS vendor adding this to their tool bag is a sign that MDM is still important and will continue to be around for a long time. Couple that with application and content management you also need a compliance engine that can support the broadest set of mobile operating systems and devices including but not limited to mobile devices, laptops, and iOT (internet of things).
Data Center Security
If your organization has not been the victim of an attack or at a minimum an attempt, then you’re either not relevant or in denial. According to NBC we’ve created “The Internet of Hackable Things” as we’ve connected a ton of things to the internet. Great benefits but more channels for hackers. It’s essential now to limit your blast radius from potential cyber-attacks. Micro-segmentation for mobile workflows is key to restricting a hacker’s movements to just one section of the IT infrastructure after a possible breaching. Don’t believe me…just ask Sony.
Mobile Threat Management
Adding adaptive, predictive, contextual and behavioral learning capabilities to your mobility deployment is the last piece to a comprehensive mobility strategy. If a user logs on to a resource from China after logging on to another resource in the United States 30 minutes earlier, you should know. No one travels this fast unless they’ve found a way to manipulate the space-time continuum. Threat detection has to be working alongside your compliance engine. What good is an error message if no remediation occurs?
Preparation is Key
Mobile security has evolved and if you’re responsible for security for your organization you need to make sure your methods have evolved to. These four essentials should absolutely be integrated and work seamlessly together with a industry leading compliance engine for comprehensive mobile security. As Benjamin Frankin would say “By failing to prepare, you are preparing to fail”. Prepare well my friends.