Mobile Computing
eBook - ePub

Mobile Computing

Securing your workforce

Share book
  1. 75 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Mobile Computing

Securing your workforce

Book details
Book preview
Table of contents
Citations

About This Book

According to a recent iPass report, 73% of enterprises allow non-IT managed devices to access corporate resources. 65% of companies surveyed reported security issues. This ebook looks at the security risks of an increasingly mobile workforce and proposes a range of possible solutions. Topics covered include: using personal mobile devices at work (BYOD); password security; data encryption; raising user awareness; securing networks; legal aspects of data security; and the danger of risk trade-offs.

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Mobile Computing an online PDF/ePUB?
Yes, you can access Mobile Computing by in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

1 EQUIPPING EMPLOYEES, MAXIMISING POTENTIAL

Nathan Marke, March 2011

Organisations are striving to implement supportive information and communications infrastructures to maximise employee collaboration, increase productivity and achieve efïŹciency savings. Equipping employees with the tools to work remotely and ïŹ‚exibly allows businesses to provide the best possible experience for their employees and customers whilst reducing overall IT spend, says Nathan Marke, 2e2’s Chief Technology OfïŹcer.
WHAT IS A ‘BETTER CONNECTED’ WORKFORCE?
The IT industry has tended to use terms such as ‘unified communications’ or ‘unified communications and collaboration’ to define the ways in which the modern workforce can work together and collaborate. These abbreviations are fine, save that they tend to create a focus on technology rather than on people or process; hardly surprising given that they originate from the technical hierarchy in our IT organisations.
By using the term ‘better connected workforce’ we seek to draw attention to the ways in which technology may be used to provide a better working environment, one in which employees may be able to communicate via different media that are appropriate to the particular purpose (instant messaging for the quick, informal query; video conferencing for the discussion that may be enhanced by some level of personal contact; telepresence for the more immersive group interaction). In short, the better connected workforce is one that is not only equipped with the right tools, but one that is aware of how these tools can be used to make communication between individuals, groups and across organisations faster, more effective and more productive. The better connected workforce is thus able to be more costeffective and better placed to attain the benefits, not only of new technology, but of new and more flexible working patterns and structures.
‘PROSUMERISATION’
This trend is accentuated by the effects of what is becoming known as consumerisation and ‘prosumerisation’. These buzz words refer to the blurring of distinctions between consumer products and professional products. For example, whilst the iPhone would fit into the former camp and the BlackBerry into the latter, each is being used in the other’s territory. A further example is the use of social networking products in the work environment (Twitter for marketing, Facebook for group updates etc.).
As a result employees now expect to be able to replicate the efficiency and ease of use of home apps in the workplace and to be able to move seamlessly from home to work without connecting to different systems. As business applications become ever more web-savvy and accessible via mobile browsers, we are starting to see a move in IT departments towards the allocation of per capita budgets, with employees being able to provide (and getting support for) whatever devices they choose. There is a risk that this trend creates a widening information gap between the ‘haves’ and ‘have nots’ (which is a challenge for all organisations and which mirrors a similar gap in society at large), but the momentum would seem to be unstoppable.
WHAT ARE THE BUSINESS DRIVERS?
There are a series of complementary drivers that are encouraging organisations of all sizes, both public and private, to consider how to create a better connected workforce. Firstly, there is the need for improved productivity; secondly, the push for cost effectiveness; and thirdly, the requirement to attract and retain the highest calibre staff. Common across these drivers is the requirement for staff to remain connected to business systems and be able to communicate effectively, whether in the office, at a remote site, at home or travelling. Work has become something we do, not somewhere we go. To create a better connected workforce, an organisation should implement flexible working methods, providing employees with the tools for the job and the systems they need to ensure the necessary training and support is firmly in place. These tools, which will exist in an IT infrastructure that is secure with highly available remote access, will include devices such as laptops, BlackBerries and Windows mobile devices. Additionally, there will be IP-based voice and video systems and flexible applications designed to operate in a mobile environment. The support systems will provide ongoing training, access to support services and the ability for staff to communicate with one another individually or in groups, using voice, video, email and blogs.
LOOKING FORWARD
As well as improving connectivity and flexibility, organisations are also aiming to achieve significant cost savings, either through major transformational programmes or single point solutions. These programmes increasingly demand software as a service (SaaS), hosted and cloud-based solutions that are more cost-effective than traditional in-house options and bring increased flexibility.
By investing in hosted and cloud-based solutions and equipping employees for flexible working, businesses are able to rationalise property estates, further reducing costs. Whichever combination of hosted, cloud-based or managed service is chosen, the enterprise must be able to deliver better quality service at lower cost. However, many organisations are still running costly legacy IT platforms, full of data that has become progressively less useful over time. To obtain even the most basic benefits from a collaborative, better connected workforce, these platforms need to be changed to support flexible working patterns and the applications and devices used for equipping employees. Businesses running old versions of Novell, Exchange and Notes must move to a single directory environment to provide the necessary platform.
There are many examples of businesses that have made an initial investment in IP telephony, instant messaging, presence-based systems and enterprise portals, but remain at the pilot stage – despite evidence from Gartner research suggesting that most organisations recognise they will benefit from equipping employees with the tools for flexible working. If these organisations were aware that, by diverting budget from redundant data storage and ageing infrastructure into new and innovative programmes, they could achieve an ROI of six to nine months, they might be more willing to move from pilot to full roll-out.
ENSURING SAFE END-USER ADOPTION
Any new technology must be supported by excellent staff training to ensure rapid end-user adoption – this must take place before the change so people know what to expect, during the change so that they are hand-held throughout the deployment (and their work is not affected) and after the change so they know how to access help and support. Equipping employees with the tools to work flexibly and when on the move requires security measures to be in place to reduce the risk of exposure to a minimum. Employees must be trained to appreciate the physical security risks (don’t leave the laptop on the train!) and to keep locally held data to an absolute minimum. Recent heavy penalties for data breaches make this a priority, as does the need to retain customer trust. Strong authentication and policy-based control over access (enforcing the use of virtual private networks (VPNs), personal firewalls and antivirus programs) is therefore essential. Systems must be in place to ensure that remote or mobile devices are updated with the latest security and operating system patches before they access an organisation’s system.
CONCLUSION
Organisations and enterprises that are investing in new collaboration architectures are showing real initiative at a time when it would be more palatable to simply reduce cost. By investing in the systems and tools to create a better connected workforce, an organisation will be able to benefit from a reduced cost base, a more efficient, effective and flexible working environment and the enhanced ability to attract and retain the best staff.

2 CONSUMER DEVICES IN THE WORKPLACE: A BEST-PRACTICE SECURITY APPROACH

Steve Durbin, October 2011

There is no doubt that, as consumers, we have fallen in love with our smartphones and tablets. As business professionals, many of us would like to bring these consumer devices into our working lives, if we haven’t done so already. However, how do we safely use consumer devices as business tools, asks Steve Durbin, Global Vice President, Information Security Forum (ISF).
Many of the most popular consumer devices were not designed originally as business tools and do not offer the levels of security comparable to current desktop and laptop computers. In addition, the way we now use these devices is blurring the line between personal and business usage and behaviour, another area of concern for businesses.
Without adequate protection, consumer devices can expose organisations to a number of risks, all of which open up new routes for corporate data loss and ways for an organisation’s reputation to be damaged. These include misuse of the device itself, outside exploitation of software vulnerabilities and the deployment and download of poorly tested, unreliable business apps. Symbian and Android are among the most insecure mobile operating systems (OS) and malware can find its way through via the OS or the apps downloaded onto the device and into the corporate system relatively easily.
PUTTING THE RIGHT TOOLS IN PLACE
However, by putting in place the right working practices, usage policies and management tools, organisations, regardless of size or type, can benefit from the greater flexibility, increased productivity and reduced costs that consumer devices can bring to the workplace, while minimising exposure to the potential risks.
Time is critical though, and businesses urgently need to formulate a response to this growing trend. In view of this, the ISF has worked with a number of its members – leading organisations round the world – to compile an objective, best practice focused approach to securing mobile devices.
The resulting Securing Consumer Devices report breaks down consumer device security into four manageable components: governance, users, devices and applications and data.
  • Governance: Without control over consumer devices, organisations have little or no visibility of usage and penetration and poor knowledge of ownership, support requirements, adherence to policies or compliance. Furthermore, consumer mobile devices and apps are typically sourced from a wide variety of unapproved, non-corporate suppliers, with limited attention paid to service provision contracts.
Organisations need to create a framework for ensuring correct and consistent mobile device security assurance. This involves getting an understanding of the extent of consumer device penetration and identifying the different device user groups, their requirements and the attendant risks. Organisations then need to agree a device provision mechanism, define policies around ownership, corporate access and acceptable use and identify any statutory requirements.
  • Users: Without controls over consumer device working practices, users are free to combine work and personal tasks and data, with the risk of working in unsuitable locations and exposure to loss and theft. Users can potentially misuse or abuse the device through jailbreaking or disabling security features. They might also copy data to removable storage devices or use the device for making inappropriate calls or for downloading and sending offensive or inappropriate content.
Organisations need to ensure employees are aware of what constitutes good working practice for mobile devices. As well as making consumer device security an integral part of awareness campaigns, organisations should create an acceptable use policy (AUP), which employees must sign. In addition, organisations should consider monitoring device usage and enforcing policy through disciplinary or financial sanctions.
  • Devices: Without protection or management, consumer devices are...

Table of contents