In a recent report, Ovum revealed that 47% of employees now use their own smartphones to access corporate data, a quarter use a tablet, and eight percent use wearables to access information in some form. It’s clear, from these numbers, that BYOD is pervasive in business today. But as the number of people using the same device for their business and personal lives increases, so does the threat to network security.
Beyond single, fixed policies
Today’s mobile devices are vulnerable to the types of attack previously reserved for desktops and laptops. Smartphones contain multiple apps full of sensitive personal and corporate data, which makes them a significant target for malicious attack. In Q2 2016 alone, nearly a third of executive mobile devices were exposed to network attack (source: “Skycure Mobile Intelligence Threat Report”, Q2 2016); nearly the same number were infected with malware.
The solution is not a single, fixed security policy. What’s required is a consistent but flexible set of guidelines that are wide-ranging enough to cover all the apps that your staff use on their mobile device, both for work and personal use.
By policy, I mean a set of rules that defines, firstly, authentication procedures for users and, secondly, access rights for individual users to certain types of data – for example, whether a user has editing rights or “read-only” access to certain files.
But this kind of flexible access and management policy by itself is not enough. With BYOD and mobility increasingly the norm, containerization plays a significant role as well.
Containerization involves installing an authenticated, encrypted area on a user’s mobile device – called a container – that can be used to protect and insulate sensitive or valuable apps and corporate information from unauthorized access or malicious attack. The container is a mobile application that separates and secures a partition of the device’s storage from the rest of the device. An organization can then install and store specific apps within this container, for its workers to access and use safely and securely, according to their particular access rights.
The container keeps corporate apps and access to the network separate and, most importantly, protected from the user’s own personal apps – and by extension, any malicious threats that they might pick up while using them.
Implementing multi-factor contextual authentication
Of course the use of a secure on-device container is only one half of the puzzle. The other half (that is typically overlooked) is robust authentication.
Multi-factor contextual authentication can in a single process identify and allow authorized users to securely access their device, apps, data and files in a way that is fast, convenient, and simple. Users are only challenged for further credentials or proof of identity when and where the context of their situation warrants it.
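As an added illustration (not code from this article or from any Synchronoss product), the sketch below combines the per-user access rights described earlier with a contextual step-up decision. The user names, resource names and context signals (container, device compliance, known network, recent second factor) are assumptions chosen for the example.

```python
from dataclasses import dataclass

# Assumed per-user access rights: resource class -> "edit" or "read-only".
ACCESS_RIGHTS = {
    "alice": {"sales-reports": "edit", "hr-files": "read-only"},
    "bob": {"sales-reports": "read-only"},
}

@dataclass(frozen=True)
class Context:
    in_container: bool      # request originates from the managed container
    device_compliant: bool  # assumed posture signal (screen lock, patched OS)
    known_network: bool     # network previously seen for this user
    mfa_fresh: bool         # a second factor was verified recently

def decide(user: str, resource: str, action: str, ctx: Context) -> str:
    """Return 'allow', 'step-up' (ask for a further factor) or 'deny'."""
    if action not in ("read", "edit"):
        return "deny"                  # unknown actions are refused
    right = ACCESS_RIGHTS.get(user, {}).get(resource)
    if right is None:
        return "deny"                  # no right to this type of data
    if action == "edit" and right != "edit":
        return "deny"                  # read-only users cannot edit
    if not (ctx.in_container and ctx.device_compliant):
        return "deny"                  # corporate data stays in the container
    # Only challenge further when the context warrants it:
    # an unfamiliar network, or a write to corporate data.
    risky = (not ctx.known_network) or action == "edit"
    if risky and not ctx.mfa_fresh:
        return "step-up"
    return "allow"

if __name__ == "__main__":
    # Constructed sample requests.
    office = Context(True, True, True, False)
    cafe = Context(True, True, False, False)
    print(decide("alice", "hr-files", "read", office))   # allow
    print(decide("bob", "sales-reports", "read", cafe))  # step-up
    print(decide("bob", "sales-reports", "edit", cafe))  # deny
```

Checking access rights before context means a user with no right to the data is refused outright rather than prompted for another factor.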
An integrated approach
At Synchronoss, we advocate a flexible, intelligent approach to device security that incorporates security at every level – the device, the apps on it, and the corporate network that it connects to. With secure contextual authentication and containerization both in place as part of a wider, robust and flexible management policy, workers and companies alike can properly benefit from the productivity and responsiveness that secure mobile connectivity enables.
Read more about how contextual authentication can reduce the BYOD mobile security threat in my latest article for Enterprise Apps Tech.