One of the scary things about focusing on data security in a mobile enterprise environment is the number of frightening statistics. A 2017 Ponemon Institute study found that 63% of organizations have no confidence, or are not confident, they have knowledge of all of the mobile and IoT applications in their own workplace. Being proactive in securing data is a rare tactic, according to the study. While 84% of the organizations are very concerned about mobile malware attacks, and 66% about IoT applications, more than two-thirds say their organization has not allocated sufficient budget to protect these devices.
A mobile workforce, one accustomed to an application-driven environment in their personal lives, to an IoT ‘smart’ living world, and to working while sitting in the back of an Uber, is now the new normal in enterprises. This shift to a mobile and IoT-centric workforce is gaining speed. According to a report from analyst firm IHS Markit, the number of connected IoT devices globally will reach 20 billion in 2017. The industrial sector will account for nearly one half of new connected devices from now until 2025, the firm states.
Today’s mobile workers demand flexibility and easy connectivity in their work environment, have little regard for a traditional desktop, and have little patience with managers trying to block this freedom. Witness the ‘shadow IT’ dynamic in which data breaches occur because a worker went outside the secure network and enabled unauthorized executables to enter the environment. Shadow IT is an indication that enterprises are behind the curve in facing the reality that workers are using any device they desire and security isn’t always top of mind.
There also have been studies that show talent retention is now linked to how well enterprises are keeping up with mobile workers and all digital transformation needs. If an enterprise is slow in the game, talent is moving to a more digitally friendly place.
As mobile and IoT reaches deeper into day-to-day business, including manufacturing, retail, healthcare and transportation, it’s imperative to examine these endpoint devices and look at ways to not only improve security, but also give mobile workers a consistent device experience that most closely resembles the way they like to live and work.
On the security side, it’s time to move the needle upwards from the less than 30% ‘insufficiently prepared’ to a percentage that more closely matches the 84% of organizations Ponemon states are ‘worried about malware attacks.’
Here are five strategic technical developments aimed at improving mobile data security and endpoint experience:
- The New Thin Client Model. From the days of ‘dumb terminals’ and limited endpoint capability, thin clients have evolved significantly to where they are now reaching performance parity with PCs. Software driven, the thin client is no longer tied to a desk, thereby answering the need for mobile workers to have a complete desktop experience, whether working from a remote office, traveling, or at home. These thin clients access a ‘virtual workspace’ that provides workers with all the applications they need to be productive. They deliver a satisfying virtual experience, thus mitigating the risk that mobile workers will try using systems that are unprotected, unencrypted, and therefore dangerous.
- Device and Network Awareness. Relevant to the ‘shadow IT’ dynamic, thin client providers are developing new features to prevent unauthorized access. Through sophisticated device management techniques, these systems can automatically lock out devices in much the same way that Network Access Control manages network access. Thin clients are profiled based on attributes like network, locale or user. As these devices are evaluated, they will simply reconfigure themselves and cease to function when they are not operating within defined parameters.
- Mobile Device Management (MDM). Allowing mobile workers to access applications via public clouds is creating new challenges and security risks for all organizations. The MDM concept is gaining popularity as a means of controlling and managing endpoints outside of the corporate [private cloud] network. Organizations can keep watch on which employees are using what devices, how they’re using them, and restrict what they are storing. Features such as remote wipe and remote disable can help prevent unauthorized executables, the pathway to malware.
- USB Controlled Devices. Whether at a corporate headquarters desktop, or in a café on a mobile device, few workers require the full function of a PC or laptop to do their job. One way to further manage security is by providing the mobile worker with a USB-bootable managed thin client. The user simply boots to the USB device to run their PC as a thin client, accessing virtually only the desktop applications for which they have authorization.
- Data Center Security. Thin clients are an effective risk management tool because they are simply access devices used to display virtual desktops and applications. They do not store data locally, and as a result, thin clients help ensure end user data, business critical information, and intellectual property stay in the data center where they can be properly protected. Compare this approach to a PC, laptop, or tablet where the simple existence of local data storage creates unnecessary risk that can leave an enterprise vulnerable to a breach.
The evolution of the mobile workforce, mobile applications, and the fact that IoT is becoming omnipresent in day-to-day business operations is prompting organizations to look at how to satisfy worker needs and prevent cyberattacks, while giving workers an endpoint experience that mirrors their personal lives. They’re looking to advancements such as thin client technology and mobile device management, resigned to the fact that mobile and IoT is the new normal.
In parallel, organizations are realizing they need to advance their security game and gain far better control over mobile device usage. Evolving to a software-driven thin client model offers IT tighter access controls on these edge devices, while providing freedom of use for mobile workers.