Viewpoint: Successfully Navigate the Mobility Maze
By David Smith
Today’s state and local governments – facing unyielding budgetary pressures to do more with less and a growing consumer demand for 24/7 connectivity – are highly motivated and eager to embrace workforce mobility and BYOD (bring-your-own-device) strategies. Benefits include cost savings, improved productivity, enhanced continuity of operations and a greater competitive edge in recruitment and retention of the best and brightest, to name just a few.
Many state and local entities, however, are not moving forward as quickly or completely as hoped as they continue to grapple daily with familiar, yet formidable, issues, including securing data, authentication and managing devices, apps and network access to cite a few.
While mobile security concerns range from passcode enforcement to device encryption, data breach and data leakage are at the top of the list for implementers of mobile work style programs. During Enterprise Security Expert Jack Gold’s October 2011 webinar titled. “MDM is no longer enough,” Gold said organizations will lose three to four times as many smart phones as notebooks each year. This concern resonates as an increasing number of smart phones and tablets not only connect to the corporate network but also access an increasing number of business applications and content repositories.
Beyond data, state and local entities are concerned about the risk of opening up internal networks to a diverse array of mobile devices. In many cases, smart phones and tablets are neither governed nor monitored, meaning that they can introduce network threats and negatively impact an organization’s compliance status.
To date, we’ve seen two approaches to solving these challenges:
· Securing and managing all participating devices, apps and data with a complex array of point solutions, leading to management headaches and security silos,
· Requiring employees to use different devices for different activities, leading to user frustration.
State and local governments, realizing that these options do not add up to a sustainable solution, seek new approaches. Increasingly analysts and IT professionals have joined them and are calling for more robust mobility management strategies that protect underlying applications and confidential data regardless of device ownership, while enabling access to existing web- and Windows-based applications from any device.
This is leading to the emergence of an EMM (enterprise mobility management) approach to addressing the next generation of mobility challenges. EMM encompasses mobile device management, mobile application management and mobile data management capabilities, as well as powerful analytics that enable administrators to audit devices, applications and network access.
To manage and secure enterprise mobility, an EMM strategy requires:
· Security for mobile data that includes a focus on ensuring that data-in-transit to mobile devices and data-at-rest on mobile devices are encrypted using the required standards,
· Comprehensive device management that ensures peripheral control, inventory and usage tracking for government-owned devices to maintain effective governance,
· Access and control policies using endpoint analysis and user roles to determine which apps and data to deliver, and what level of content access to provide
· Robust, yet flexible, authentication that enables state and local governments to apply the appropriate level of authentication for mobile use cases, including network access, digital signatures and encryption,
· Secure app containerization that separates business apps and data from personal apps on mobile devices, which can be remotely administered, locked and/or wiped by IT,
· Centralized application management and deployment via an enterprise app store that enables organizations to provision and de-provision apps more easily and ensure mobile app access for terminated employees is deactivated immediately, while giving users simple access to the applications necessary to perform their job and
· Advanced analytics that provide the ability to audit devices, apps and network access and rapidly analyze the findings to ensure thorough control and governance.
To move forward and realize the benefits of mobility and BYOD strategies, state and local agencies must address security and governance challenges quickly and completely. EMM provides a comprehensive approach that enables government organizations to secure the network, critical data and devices, while advancing a new generation of computing that yields greater efficiency and empowers employees with unprecedented connectivity and flexibility.
David Smith is the state and local government sector director at Citrix Systems.