Devices, Devices, Devices everywhere – it’s time for next generation “Mobile Device Management as a Service”

As mobile devices continue to increase in both variety and number, it seems to me it is a good time to revisit mobile device management (MDM) strategy. MDM has been around since mobile devices came to the fore, but because of the rapidly changing nature of the mobile landscape, it has had a hard time keeping pace.

A quick definition; MDM policy and tools secure, monitor and manage mobile devices throughout organizations and across various platforms, networks and operators. However as mobile devices have become ubiquitous, both at enterprise and consumer level, there has come a need for MDM to evolve too, to offer greater control and confidence to organizations without compromising all the benefits of the modern mobile user experience.

So what is it that has changed the landscape the most? Well, quite simply, it is the sheer number of devices. The mobile experience is no longer simply about a phone – it’s now smartphones of numerous types and operating systems, tabletsphabletsultrabooks, wearable technology and much more besides. This is the new ‘mobile’, this is now how big mobile is. Over two-thirds of people say they use personal mobile devices in the workplace today. This is what MDM has to cope with.

more devices, more data, more risks

So as mobility takes hold in the enterprise, and more and more critical or sensitive corporate data is at risk of being transported into the public domain by accident or design, the need for a comprehensive MDM approach becomes essential. Global companies want to design and implement global security policies that keep their data as free from threat as possible, but how do you achieve this in the face of such massive mobile device proliferation?

The threats are clear. While it is not really all that long ago that malware, Trojan horses and viruses were considered the chief menace to corporate data, mobility has today brought with it a whole raft of new, more subtle, dangers. Lost or stolen mobile devices and insecure communications now rank high on the list of information security professionals’ worries, and without the right tools and policies in place can be more damaging. Organizations can only realistically secure and control the threats that they know about – mobile devices in the workplace are more difficult to track and maintain in the enterprise environment than inward-bound attacks.

So the main threat is as simple as staff members using their personal devices to access corporate data – with or without their knowledge or intent – and then taking it outside the network. The traditional walled garden is now so compromised as to be obsolete. Nine out of ten executives recently confessed to accessing corporate data on their own mobiles – so how do organizations deal with this fast-growing problem?

everything needs to be managed

Everything is mobile and everything needs to be managed. This is the premise from which to start. Smartphones, tablets and phablets in the workplace, ultrabooks as replacements for traditional laptops, and while not so common just yet, smartwatches and other wearable technology like Google Glass will soon enter the workplace and fall under the remit of the IT department. So an organization’s MDM strategy needs to be robustwide-reaching and most of all progressive – it needs to be able to grow with the rapidly changing landscape.

Furthermore, the rise of the Internet of Things (IoT) and its accompanying machine-to-machine (M2M) communications will also play a part. The IoT means yet more mobile devices, all communicating over the network and all in need of management. The connected car is now a reality and gives mobile employees a new workplace, while other M2M devices that can also store data will need to be managed. So organizations need to address all of these developments, both cost-effectively and efficiently.

on-premise or in the cloud?

Traditionally, MDM policy forming and implementation would be done at ground level, on-premises, so that the IT department could be involved in each step of the process. However, a comprehensive MDM strategy has many bases to cover, and with more mobile devices than ever entering the corporate environment, even the most efficient IT department could find itself stretched too thin. There is basic encryption of devices required, protection against data breach should a device be stolen or lost. Corporate app stores are gaining popularity as a means of controlling the applications that users can install on devices, but more devices with more operating systems again means more complexity here.

So in the event that in-house resources are insufficient to cover MDM on premises, we turn again to the cloud. The benefits to enterprise of cloud-based solutions are well-documented, but when it comes to MDM, the cloud model brings with it the big benefit of lower set-up fees – CAPEX – but also lower ongoing OPEX as well. Cloud-based MDM – or in fact as it is becoming known, MDM as a Service – can give organizations scalable mobile device management on-demand, so they can use it as much or as little as they need to. As mobile devices continue to evolve and end-users continue to lap them up, the flexible MDM in the cloud solution, provided by a specialist partner, looks like offering a highly desirable way ahead.

Original Publication  

 

Private life in the Cloud

We live in a world of cyber security threats: hackers breaching organisational firewalls, Wikileaks publishing private state documents, and employers tracking cyber activity for productivity sakes.  Privacy, in relation to digital data, is a hazy topic.

The internet alone is increasingly being used as a medium to collect information for consumer profiling. According to Nielsen’s 2013 Australian Online Consumer report, 17.2 million Australians accessed the internet in the month of July and spent an average of 38 hours online across 60 sessions.

As more and more Australians surf the internet, check their mail, shop online, apply for jobs, or simply socialise with friends, they are leaving a trail of digital data that for some people is a gold mine. This includes email services like Gmail, file storage services like Dropbox, photo galleries like Flickr, and the list goes on. And this is not just on PC’s: laptops, smart phones, tablets, and televisions with internet capability all leave a cyber-trail.

When March 2014 hits, easy access to digital data will no longer be the case. Australia is about to get tougher on its privacy laws: effective March 2014, the 2012 Privacy Amendment Act will require that all Australian organisations, regardless of size and industry, implement open and transparent policies for managing personal data. This may seem simple, but it opens a crevasse of questions: how did you obtain this person’s contact details? Were you transparent in your original address? How are you storing these details? What is the purpose of collecting personal details? Are you sharing them amongst your organisation or more broadly?

These questions relate not only to your employees, but to everyone your organisation interacts with: stakeholders, customers, past employees, marketing databases….and the list goes on.

With the clock ticking, there is less than a year remaining until privacy is changed forever. Yet the implication of privacy is rarely discussed.  The question is: are businesses prepared? The answer is, more likely than not, no. If personal data is not adequately handled, organisations may be liable and can be imposed with fines of up to $1.7 million for an organisation and $ 370,000 for an individual.

As the generation of digital data continues to grow exponentially, it provides challenges for corporates to correctly manage, store and secure it. The pressure is on and the onus is on all companies to evaluate:
– Who ‘’owns’’ the privacy realm within their organisation?
– When was the last time an organisation reviewed their privacy policy?
– And if they have the necessary approvals to use third party data?

Achieving data privacy is a challenge for all organisations and the amount of work that needs to be done should not be underestimated. There is no time like the present to consider how to manage risk involved– what is lacking, what policies need to be put in place, and what needs to change.

1) Conduct a Privacy audit
Organisations need to implement a privacy audit which evaluates the type of sensitive information held by an organisation. This sensitive information can refer to employees’ personal details such as their tax file number or Medicare number and includes whether or not you have the rights to audit and access information, as well as the timely return of information when an agreement ends.  Analyse each aspect of this process which includes the collection, retention, use, and disclosure of personal information and determine risk levels. In cases where an organisation uses a cloud provider, it is important to understand who the stakeholders are, what their roles and responsibilities include, and where data is located and replicated.

Ask yourself: is third party data simply stored or is it being mined for advertising and marketing purposes?

2) Data protection and privacy impact strategy
Develop a comprehensive data protection and privacy strategy which focuses on integrating data protection and privacy processes while sustaining efficiency and long-term growth objectives. An organisation’s privacy strategy needs to be integrated with the overall risk and project management framework. It is also equally important for organisations to update their privacy policy regularly and seek input from legal advisors with specific knowledge regarding privacy laws where needed.

Ask yourself: what happens in the event of a data breach?

3) Create privacy policies and procedures 
Develop policies and procedures that clearly state the importance of protecting sensitive information stored in-house or in the cloud which complies with the requirements of the Australian Privacy Principles (APPs).  An organisation needs to take measureable steps to protect the personal information it holds from misuse. This includes mechanisms to protect and manage the information, including disaster recovery processes to protect against data loss. An organisation’s legal advisor needs to fully understand the nature of both the cloud and privacy requirements and should be able to tailor the legal protections in your agreement.

Ask yourself: what are the privacy policies that your organisation needs? Understand your key areas of weakness so you can develop a plan to protect data.

4) Ensure accuracy and transparency of all personal information held 
Personal information collected by an organisation needs to be accurate, complete, and up to date. Customers should have access to their information and make corrections if required. For instance, if an organisation holds a database which records the phone number and address of its customers, a process needs to be put in place which allows customers to change or update their details.

Ask yourself: when was the last time you updated your customer database?

5) Appoint a policy offer and train employees to mitigate security risks
Monitoring employees to ensure that privacy policies are applied will be very hard to manage on a daily basis. Transferring knowledge to your employees will identify weakness and help mitigate security risks. This is no simple task. Look at appointing a policy officer that trains employees and regularly monitors content and activity to prevent any violation.

Ask yourself: is it worthwhile hiring a policy officer to ensure that a breach does not occur?

But this is just the beginning. Let’s throw a spanner in the works.
Consider all of these advances in the context of data stored in cloud. The list of considerations and concerns gets infinitely bigger. There are different approaches to how privacy is interpreted when it comes to data stored in the cloud space. The following is a general starting point, but not specific advice, as individual circumstances vary and need to be looked at in more detail.

– The Infrastructure as a Service (IaaS) model, where the service provider is responsible for housing customer information and is not involved in any handling or processing of personal information. In this case all obligations to privacy are held with the customer.

– Software as a Service (SaaS) model, where the service provider is responsible and plays an active role in handling and managing customer’s personal information. In such cases, the service provider needs to obtain consent from the customer to hold and or use this information.

– Platform as a Service (PaaS) model, where the service provider delivers tools to enable customers to deploy applications. The service delivery model means that customers need to use best practices and privacy–friendly tools.

Privacy remains a critical component for Australians doing business or simply engaging online. We are entering a challenging new era as tougher privacy laws come into effect. While some Australian companies have already initiated the ground work, others have simply turned a blind eye.

Business owners who want to mitigate risks without sacrificing their ability to do business need to start addressing where they currently stand in relation to digital privacy. Assessing the business structure now will identify strengths and weaknesses, and set the wheels in motion for the new privacy approach.

Original Publication

 

Seven technology predictions for 2014

The year 2014 will be where current trends will accelerate the transformation already underway in how we consume information and do business and live. Organisations will need to evaluate their information strategy to take advantage of the emerging opportunities.

Here are seven trends to consider in the New Year:

Trend # 1 – the era of personal cloud

The cloud has exploded in popularity over the past few years, as companies exhaust backup, storage, network, security, and management systems. Consumer awareness of cloud storage is now increasing and usage is following suit.

Despite concerns that many industries have about cloud storage ability and their willingness to keep information secure, consumers will have little choice but to keep more information on these systems as opposed to their hard drives.

The push for more personal cloud technologies will shift toward services and away from devices. As mobile applications crowd the market, personal cloud services will become the new hub for content.

The risk for organisations is that being a consumer and being an employee is separate, but will the use of personal cloud be? Will someone taking a Friday off to work from home save documents to their personal cloud, which has different security measures to the organisations cloud, and put at risks the secrets of the new client pitch or new product development?

For 2014: Consider how personal and organisational cloud will interact for your business. Could they be at loggerheads before you have time to prepare your policies and inform your employees accordingly?

Trend # 2 – biometric authentication to replace passwords

Long gone are those days where a single password acted as a secure means of authentication. Today, a basic password takes minutes, if not seconds to break through. A string of characters can no longer keep your accounts and devices secure.

When was the last time you created a new password? As you were typing it in did a bar on the right hand side tell you whether it was weak, medium or strong? How many upper case letters or numerals did you include? Did I use the dog’s name or my favourite summer holiday spot for my internet banking password?

We are in the age where each and every person needs a little black book for their infinite passwords. But what happens if we lose the book?

The rapid proliferation of new devices has created additional security requirements for organisations attempting to increase its presence in the online market.

For enterprises that have not revisited their authentication strategies in several years, it may be time to take a fresh look. As identity becomes the driving force behind new security paradigms, biometric authentication will become the new practice as fingerprint and eye retinal scans become a part of our everyday activity.

For 2014: Be prepared! Adopt a security strategy built on advanced authentication techniques that will manage user access. Encourage regular password updates and educate your employees on what a strong password looks like. No dog names allowed.

Trend # 3 – out with the old and in with the new: embedded technology

Embedded systems are part of our daily lives. Can you imagine your life today, without a smart phone for communication?

2014 will see an uptake in embedded technology as the pressure will be on to add more intelligent functions into devices. The technology that initially drove mobile phones is now driving the adoption of smart devices. Touchscreens, smaller gadgets, and high performance sensors are just some of these innovations.

Wearable technology is a trend that will embrace the workforce. It is already starting. There will be more productivity apps in wearables as medical professionals begin using devices that overlay images on goggles. Google Glass is just the beginning, with other inventions to monitor, anticipate and feedback, well on their way.

For 2014: Anticipate the evolution of everyday products as technology becomes cheaper, smaller and more energy efficient. Technology will lead to automated homes, intelligent automobiles, smart buildings, and ubiquitous measure / control systems. How can your business embrace and jump on board?

Trend # 4 – go mobile or go home

The bring-your-own-device (BYOD) trend has completely changed the way businesses work. Executives using devices such as smartphones and tablets to access the corporate network is quickly becoming ubiquitous with an uptrend in remote working.

According to a report by Gartner, 70 per cent of mobile professionals will conduct their work on personal smart devices by 2018. The increase in mobile devices will challenge technology and finance departments as they try to manage mobile devices. But what type of personal smart device? Where are the tablet / smart phone headed? We are at the beginning of what the future world of personal smart devices might look like. If left unmanaged, BYOD can lead to data leaks and loss of control, which could potentially result in legal penalties.

With BYOD, the genie is out of the bottle as users expect to be online in more places at high speeds and with robust security levels. With the right solutions in place, BYOD can create new exciting opportunities.

For 2014: Create a clear policy around BYOD strategies that encompasses enabling secure, trusted, and convenient access. Be sure to implement a security model that has minimal impact on an employee’s experience, whilst maintaining the same security standards that your organisation upholds.

Trend # 5 – do more with less: the future is in M2M technology

Machine-to-machine’ (M2M) communication has given businesses the capability to monitor, control, or manage the operation of remote equipment. Today, M2M services have entered a renaissance period, playing a significant role as new products communicate with each other wirelessly without any human intervention.

This deregulation in the market will eventually garner new opportunities making it possible to map and monitor an entire system of remote hubs which could be anything from a building to a vehicle, to a fully armed security system.

The Internet of Things will enable devices to communicate with each other, while working out problems without interference. For instance, an M2M device will be able to automatically control the temperature of an air conditioner, while switching it on or off when required. These core capabilities will reduce error, save time, increase efficiency, and generally optimise the performance of any physical system.

For 2014: Maintain a strong and clear position in the market by developing plans and procedures that incorporate M2M technologies NOW rather than later. Prepare your organisation for change.

Trend # 6 – the new age of apps

With the continued growth and inescapable presence of BYOD, individuals have the capability of accessing all sorts of applications and information they need using their own devices anytime and anywhere.

Consumers are more technologically savvy and flock to app stores linked to their mobile platforms and devices while companies are investing in apps almost every day.

From 2014 onwards, there will be an app for almost everything, from everyday bills to mobile banking and much more. Something as simple as karaoke, which used to be entertained in restaurants is now a downloadable app. The same applies to music, where consumers can listen to unlimited songs using the appropriate app. This innovation will continue to increase, with the app market expected to reach $38 billion in just two years.

Propriety apps will become common, as more and more employees create and develop apps that support their business.

For 2014: Consider individual user’s needs for mobility, and get involved in the discussion. Organisations need to adapt their digital marketing campaigns to fit the small screens and the evolution of the app world.

Trend # 7 – the social dimension where everything is shared

We have reached a new communication age where social media is well established. Today, technology has enabled us to profile any individual or business by simply tapping into the material available online on social networks. Facebook itself has approximately 1.19 billion active users and roughly 507 million daily active mobile users, while twitter has roughly 554 million active registered users, with approximately 58 million tweets a day.

With the popularity of social networks it becomes easier to share information across the globe with a simple click of a button. This takes on a new level of urgency as organisations shift from an information age to a communication age. Facebook itself revealed what is known as “frictionless sharing”, which automatically posts updates on your page from everything you listen to, read or watch.

The concept of 3D printing is another trend that will explode the marketplace in 2014 and will assist in local and custom fabrication. New competition will enter the market using 3D Printers to challenge business models. Users will take advantage of new paradigms in replicating products, designs, and devices.

For 2014: Be careful with what information you disclose and to whom you disclose this too. Businesses need to pay close attention to ensure that all information or objects shared are subject to copyright or is trade market protected.

2014 will see an uptake in the adoption of smart technologies, innovative devices, and a plethora of cloud applications. With new technologies seemingly always on the horizon, keeping a hold over IT systems is becoming increasingly complicated. It is therefore important that businesses embrace the new trends and prepare for the opportunities ahead.

Original Publication

 

Technology predictions for 2014 & beyond

predicting technology futures – what’s in store for 2014?

Original publication

2013 has seen a number of technologies enjoy varying levels of success and growth, with mobile devices, cloud computing and enterprise app stores all continuing to gain momentum. As I have written about throughout the year on this blog, these technologies have all had that disruptive business model impact which makes them popular and shakes up the existing landscape.

As we approach the end of 2013, I see no reason to expect 2014’s emerging technologies and trends to be any different. So what do we have to look forward to?

wearable technology and absolute mobility

Mobile everywhere and mobile for everything. 2014 will be the year that mobile is ubiquitous, smarter, faster and our reliance on mobile connectivity becomes absolute.

2013 saw the emergence of bring your own device (BYOD) as a mainstream concept, with end-users pretty much eschewing the notion of work/life balance and taking their smartphones and tablets into the workplace as a matter of course and taking their work on the move with them, presenting companies with new security challenges. But the trend will continue and 2014 will see users expecting to be online in more places than ever, at high speeds and with more robust security levels.

This increased mobility will continue to be driven forward by the latest advances in mobile devices, with wearable technology to the fore. The announcement that Burberry’s chief executive has just jumped ship to join Apple is a good indicator of how technology and fashion will merge over the coming year.Google glasssmartwatches and other wearable devices will all connect to the internet and each other through the Cloud like never before. And speaking of the connected planet. . .

the Internet of things goes mainstream

The internet is dead, long live the internet of things. There are now more networked devices and machines on the planet than there are people and 2014 will see still more devices, appliances and vehicles come online and begin communicating with each other.

The internet as we know it has already changed the world and many aspects of our daily lives. It has benefited businesses, individuals and nations, often helping to transform the way governments deliver education, health and social services and making information more democratically available. The internet of everything addresses the next generation of networked devices, with machine-to-machine (M2M) communications powering new ways of doing everything. Right now our phones and tablets are our most common networked devices, but the internet of things will see the networking of cars, homes, appliances, televisions, meters, indeed most electrical and electronic appliances and devices. There is even a company in the Netherlands that has helped a farmer to connect his cows.

Forecasts vary, but recent research projects that by 2020 there will be 75 billion ‘things’ connected to the internet and communicating with one another. 2014 will be the year that everything being networked goes mainstream.

hybrid cloud and XaaS model

2014 will see IT architectures continue to evolve and bring greater flexibility to companies and end-users. In previous blogs I have written about the future impact of cloud computing on various IT disciplines, notably procurementstorage and business continuity and even the role of the traditional CIO.

The cloud will continue to transform throughout the coming year, and the direction it will take will be that of hybrid cloud. Companies with private cloud architectures in place should be ready to embrace personal cloud and make the shift to the hybrid model. The hybrid approach gives organizations greater operational flexibility and optimized costs without compromising security. Network performance is improved too.

The ‘as a service’ (XaaS) model will continue to grow in popularity as well, as organizations adopt its agility and flexibility benefits while also recognizing that the OPEX model carries major advantages over the traditional CAPEX, investment-up-front approach.

software-defined architecture

Software-defined architecture will also come to the fore in 2014 – a practice whereby the software or the application defines the purpose of the device itself. This can be a storage device or a server, or a personal device such as the music boxes or wristband and apps that tracks how you sleep, move and eat—then helps you use that information to feel your best. The function defines the form.

The software-defined approach can help revolutionize the way we program, use and interact with devices because it makes them completely customizable. Devices of any kind will become defined by their apps, making them directly programmable, more agile, centrally managed and configurable and giving us greater control.

share, share and share again

End-users are now, thanks to the rise and rise of social media, so used to sharing that it is second nature. There are now 1.15 billion active Facebook users and over 288 million active Twitter users, all sharing thoughts, information, news, opinions and more, all the time. There have been more than 16 billion photos shared on Instagram. And this is just the beginning.

3-D printing is one area where the sharing of ideas and designs is going to take off in a big way in 2014 and beyond. Sales of 3-D printers are forecast to grow by 75 per cent in 2014, as the technology takes hold in the mainstream. 3-D printing could have a massive impact on many industries, not least the manufacturing sector. It represents a new way of sharing, with companies no longer needing to produce things the same way. For example one company or individual can come up with a design or bright idea one day and that design can be shared and copied tomorrow. Manufacturing, product development, design and prototypes – all of these disciplines could be hugely affected. This does of course present a challenge similar to that faced by the music and movie industries; when you have moved from the physical world to the virtual, and people are so used to sharing, how do you protect intellectual property? Innovative smart machines may be the solution to that. But that’s for another blog post.

Happy 2014.

Original Publication

Digital Futures

Today cloud is about more than “just‟ cost reductions.

Research shows that 74% of companies that invest in were more competitively agile.

<div style=”margin-bottom:5px”> <strong> <a href=”https://www.slideshare.net/gordonmakryllos/digital-futures&#8221; title=”Digital Futures” target=”_blank”>Digital Futures</a> </strong> from <strong><a href=”http://www.slideshare.net/gordonmakryllos&#8221; target=”_blank”>gordonmakryllos</a></strong> </div>

More details can be found at ……    Digital Futures 

Cloud is home to next generation storage and business continuity

I’ve written several times recently on the disruptive nature of cloud computing and how its omnipresent nature is removing complexity from traditional business processes and practices. Another increasing trend I am seeing is significant change in business continuity (BC) and disaster recovery (DR) options driven by cloud technologies.

Most senior business leaders have been involved in some level of ICT disaster recovery at one time or another throughout their careers, and they can be stressful times. Sensitive corporate data is thrown into the wind, private employee information can also be put at risk, and daily business operations are disrupted by something more often than not beyond your control.

The key to ensuring smooth BC in the event of an unforeseen emergency is to have backup systems in place in at least one other location to allow your organization to transfer operations and processes – and today the cloud is providing a truly viable, cost-effective and flexible alternative location.

a question of costs

The cloud did take a little while to gain the trust of business owners and leaders, particularly when it comes to the storage of sensitive and confidential company information. There was a fear factor in place for quite a long time, but as the cloud continues to become an accepted mainstream tool, that attitude is changing.

With greater acceptance, more organisations are exploring cloud storage for BC and DR purposes. A number of cloud service providers now offer Backup “as-a-Service” and organisations are considering the many benefits of this option for cloud-based BC and DR  for servers and PCs, which can be scaled up or down depending on customer need.

It is this flexible nature which, as with all things cloud, is proving popular; customers want to control their costs and a cloud-based backup solution helps them to reduce their CAPEX outlay. There is no need for unnecessary in-house infrastructure for backup and storage since it is hosted in the cloud under the as-a-service model, freeing up budget and also internal data center capacity for other purposes.

gathering momentum and trust

BC and DR “as-a-Service” offers  real opportunity, and one which is only really beginning to be fully understood by customers who have long been used to the off-site but on company premises backup approach. We are in the Big Data era, meaning that as companies continue to build up more IT assets – laptops, PCs, tablets and smartphones – they are generating more data than ever before. As such more storage than ever is needed and storage costs are escalating.

So as organisations look to manage these escalating storage costs, one of the options is to engage with a cloud provider to investigate alternative storage and backup systems.  Cloud providers who can mutualise their costs across multiple user organisations and reduce costs can offer significant savings (in some cases as much as 50%) by taking BC and DR strategy into the cloud. But as with any other disruptive technology, there is a learning curve involved – some companies still need to get out of their comfort zones to reap the benefits of the cloud. The positive side for them is that in many areas of their business they are already doing just that; most organizations already engage with numerous third-party suppliers for business-critical services and processes. So the step into BC and DR in the cloud need not be such an intimidating one.

Industry research backs up the trend. IDC predicts that over 102 exabytes of external storage capacity will be sold in 2017, up from 20 exabytes in 2012, while the next four years will see external storage space purchased by companies grow by between 30 per cent and 40 per cent.

picking the right way forward

But companies need to decide the right way forward for their needs. Having decided to place BC and DR in the cloud, should they choose public, private or hybrid? There are many different options available on the market, but organizations must be wary of merely selecting an anonymous black box – their cloud storage solution can end up being based on no relationship with the supplier, without any visibility and only interacting via a web interface.

So it is worth evaluating the hybrid cloud approach which gives you a more traditional relationship with your supplier, including SLAs, greater trust and an on-going partnership – global enterprise organizations in particular need this kind of underpinning.

be aware of the pitfalls

So while evaluating the many benefits of BC and DR in the cloud, companies do still need to be aware of the potential hazards. Since breaking onto the scene as a disruptor, the cloud has almost become something of a drug. We utilize the cloud for so much of our daily lives now, both personal and professional, that it can become second nature and somewhat taken for granted. Consider the many stories of tourists going on holiday only to return home to massive roaming charges from their mobile service provider – this second nature of the cloud can mean racking up out of sight, out of mind bills.

So once you decide to take an as a service approach to storage and backup, be aware that you are now in the massive content and data generation era. A staggering 90 per cent of all the data generated ever has been generated over the last two years, and it all needs to be stored and backed up somewhere. We are creating more and more data all the time, and show no sign of stopping any time soon. But with organizations needing to manage this on-going data explosion on a cost-effective basis, I believe that the era of cloud storage and backup based on the OPEX model has truly arrived.

Original Publication

 

Six tips for mobile device management security

There has been a lot of discussion this year about the increasing influx of consumer devices being used for both professional and personal purposes. Many organisations are feeling a little overwhelmed as they try to work out appropriate security levels and device management boundaries. When you take into consideration all the platform and application updates chewing through corporate bandwidth, plus the potential for rogue applications and malware to gain illicit access to company data, there are many headaches for security managers to deal with.

Here are six tips to help get the efficient and secure management of mobile devices under control:

1. Have a strong mobile policy

This may seem like an obvious tip, but there is often a clear disconnect between employees and employers’ expectations of how consumer devices will be used in the enterprise. Research from IDC found that not only were workers using their devices at twice the rate, they also tended to think employers were far more permissive of the use of consumer devices than they actually were. It is therefore very important to have a mobile use policy clearly defined to avoid these kinds of misunderstandings.

A mobile usage policy is a framework that defines who the users are and what devices, platforms and applications they can and can’t use. Enterprises must clearly define policies around reimbursement for services and what applications users can access via personal devices, along with clear guidance on who controls the data on devices.

2. Create an inventory of assets

How can you be assured of the security of employees’ mobile devices if you don’t know how many are out there and what they are? Implementing a robust and regularly updated inventory management system is a vital part of any mobile device management system. While many businesses do have an inventory of fixed and wireless assets, the majority of them are not updated and validated on a regular basis, leading to the potential for security issues to slip through the cracks via unknown devices or inappropriate usage. Businesses with accurate inventories have much clearer insight into their telecommunication environments and as such, more reliable information on which to base policy decisions.

3. Ensure proper configuration of devices

The sheer number of different devices and platforms out there can make the configuration of devices a challenging process. Factor in entry level handsets, smartphones, tablets with different operating systems and employees working in numerous different locations and the issue becomes even more complex. However, if a device is enrolled with a mobile device management server, a configuration profile defined and managed by IT admin can be implemented, enabling the device to interact with enterprise systems. An appropriate level of encryption can also be added to any commands coming from the server to ensure that settings cannot be altered without proper authorisation.

4. Implement appropriate security

Despite the influx of consumer devices into the workplace, many organisations haven’t implemented stronger security controls in response, leaving them at risk of security breaches or loss of sensitive data. Data encryption is a powerful piece of the mobile security puzzle and yet many businesses do not use it on a regular basis. In addition to implementing data encryption, enterprises need to inform workers about the risks of failing to comply with security protocols – there is a good chance that they are unaware of the risks associated with using their personal devices for professional purposes.

5. Regulate application protocols

Taking into consideration that there are thousands upon thousands of mobile applications out there, strong protocols need to be instituted for the deployment of any new applications and the management of existing applications. Malware is steadily creeping into the app world, so even applications from the app store need to be checked before they are allowed into the enterprise. Such malicious applications can take over the mobile device and operate in the background without the user knowing, searching for sensitive information such as passwords or banking details.

6. Provide training and end-user support

A relatively small percentage of the overall functionality of the average mobile device is used on a regular basis. With devices becoming more and more sophisticated, users could end up massively under-utilising all the functions that are at their disposal. As a result, most enterprises would benefit from providing user training, including how to set up email, device customisation, application selection and usage, understanding browser capabilities, using instant messaging, and mobile data services and understanding device functions and shortcuts. Support and training can increase worker efficiency and also reduce security risks, as employees better understand how their devices work.

Managing employee mobility doesn’t need to be a nightmare. With the right systems put into place, employees and employers alike can reap the benefits of mobility.

Original Publication