Question

In today’s mobile, cloud-first world, organizations are allowing unprecedented levels of work to be completed from...

In today’s mobile, cloud-first world, organizations are allowing unprecedented levels of work to be completed from outside of the office. Employees and employers both benefit from the flexibility and efficiency that arises when workers can perform their duties from coffee shops, airports, their homes, and more. As such, providing employees with the ability to work remotely is an excellent way to attract and retain a talented, productive team. The devices and security measures used throughout an organization play a significant role in enabling safe, efficient remote work. Unfortunately, it can be quite challenging to determine which devices should be granted access to corporate data. IT teams need to consider how device policies and security solutions affect user efficiency, user privacy, and the security of corporate data. Unsurprisingly, the rising popularity of bring your own device (BYOD) has complicated the challenge of enabling secure remote work. A personal device that is used for professional and personal activities has access to the corporate network and the user’s personal apps – increasing the likelihood that corporate data can be accessed by unauthorized users or infected with malware. The workforce’s myriad of smartphones, tablets, and wearables represents an entry point for cyber threats that leverage devices to target corporate data.

1. Locking down devices: agent-based mobile device management (MDM)

Mobile device management (MDM) solutions are generally favored by large enterprises seeking to enforce security policies across a large number of corporate-owned devices. Typically, MDM solutions require software to be installed on all employee assets. This enables all devices to be centrally managed by IT administrators who implement features such as password protection, remote data wiping, the rejection of unsafe WLAN networks, and more. However, a major problem can occur with MDM if the mobile environment is heterogeneous, or contains disparate mobile devices and operating systems. Within these diverse environments, device management functions are often unavailable for some of the assets on the network. Because heterogeneous mobile systems are difficult to secure with MDM, it’s necessary for organizations to involve employees at an early stage of onboarding and implementation. This helps organizations to assess if the MDM solution supports all employee workflows and if deployment will be excessively challenging for certain devices. While agent-based MDM solutions can secure corporate-owned devices, they lead to privacy challenges when deployed on BYO assets. These solutions can allow companies to reset device settings, identify device locations, and collect information about device usage and user internet habits. When these capabilities are used on personal devices, it is often seen as an unacceptable intrusion into users’ private lives. As a result, many employees refuse having any kind of security software installed on their phones or tablets, creating substantial challenges for enterprise security.

2. From the device to the application: mobile application management (MAM)

Unlike MDM, mobile application management (MAM) focuses on securing company-provided applications that house sensitive data. Where BYOD is allowed, MAM is occasionally used to secure mobile data access; for example, when a traveling salesperson uses a corporate app on her or his personal phone to access customer relationship management (CRM) systems. To ensure that application data is sufficiently protected, company mobile apps are centrally managed by security administrators or IT personnel.

Despite the above, MAM has multiple limitations. While MAM can govern a number of corporate applications, it does not cover popular cloud apps like Dropbox and Slack. Like agent-based MDM solutions, deploying MAM requires the installation of software on employee devices. Additionally, as the solution does not provide device management functionality, a usage policy must also be installed on each device. Finally, MAM provides no assistance with detecting or blocking shadow IT.

3. Honing in on data: agentless mobile security

Fortunately for the enterprise, mobile security solutions can protect data without requiring anything to be installed on employee devices. Despite their agentless approach, these solutions can still provide MDM functions like data loss prevention and remote wiping of company data from even BYO devices. They also offer data encryption that can be extended to all popular cloud apps including Office 365, and Salesforce. This means that sensitive data is secure regardless of the app in which it is stored or the device through which it is accessed.

Through agentless solutions, security administrators can govern device access without the installation of intrusive software. As a result, they offer rapid deployment and alleviate users’ privacy concerns about employers accessing their personal information. In light of the above, these solutions are often adopted by businesses seeking to secure corporate cloud data as it is accessed by a variety of devices. With the growing popularity of cloud services and BYOD, the proliferation of agentless solutions will continue to increase.

Identify specific requirements

Organizations need to consider a variety of factors when selecting a mobile security strategy. First, IT administrators need to compile an exhaustive list of governmental regulations relevant to their firms. From there, they must ensure that deployment will not be impeded by users who want to keep their personal data private. In light of escalating BYOD trends, organizations should also identify the devices and operating systems in use, as well as the mobile applications employees need. Determining whether a security solution should be bolstered by legal agreements is another important consideration. Finally, all stakeholders need a voice in the decision-making process in order to ensure the adoption of a mobile security solution that is fair and effective for all.

1. Discuss how to expand physical security to address BYOD associated threats.

Homework Answers

Answer #1

The physical security of confidential data and vital information related to the work on employees' own devices can be addressed to in following manner

(a)Using agentless security system to prevent the data breach from any device or aplication used by the employee, without compromising on his privacy concerns.

(b) Assigning company owned devices which are protected through MDM like features and only the applications relevant to the company's work can be installed on it. IN this case, there will be no issue of privacy,as these devices would be used for personal purpose.

While using one of the above mentioned techniques, the care must be taken to ensure the compliance to the regulations related to the use, ensuring legal formalities with employees and other relevant parties to avoid liability in later stage and training the employees appropriately about the usage policy that minimises the risks of data breach and also protects their interests.

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
You have recently been hired by a new Japanese accounting firm, headquarter in Tokyo, as the...
You have recently been hired by a new Japanese accounting firm, headquarter in Tokyo, as the director of Information Systems and Telecommunications. Your assignment is to assist security posture of the firm and develop a security structure for this new company. Write your recommendations and reasons to the firm’s CEO. The firm has 600 employees in Tokyo, 50 in Houston, and is planning to open two branch offices in India and California. Ten accountants will be hired at each site....
Case Study Big Data Stewart Clegg Radically changing your business due to disruptive innovation requires a...
Case Study Big Data Stewart Clegg Radically changing your business due to disruptive innovation requires a different approach. When dealing with disruptive innovation, the alignment and/or realignment of an organization’s assets might not be enough to sustain competitive advantage. When newcomers use the latest technology to disrupt an entire industry, the incumbents will need to take drastic measures to change their organization. The emergence of strategies driven by Big Data means a transition to a data-driven, information-centric organization consisting of...
UPS COMPETES GLOBALLY WITH INFORMATION TECHNOLOGY United Parcel Service (UPS) started out in 1907 in a...
UPS COMPETES GLOBALLY WITH INFORMATION TECHNOLOGY United Parcel Service (UPS) started out in 1907 in a closet-sized basement office. Jim Casey and Claude Ryan—two teenagers from Seattle with two bicycles and one phone—promised the “best service and lowest rates.” UPS has used this formula successfully for more than a century to become the world’s largest ground and air package-delivery company. It’s a global enterprise with nearly 400,000 employees, 96,000 vehicles, and the world’s ninth largest airline. Today UPS delivers 16.3...
Funding an IS project through a Chargeback method involves: Pricing the IS service out for the...
Funding an IS project through a Chargeback method involves: Pricing the IS service out for the customer buying the end product Direct billing by the firm for IS resources or services to the department that uses them Direct billing by the manager of a function for IS resources or services to an employee that uses them An accounting process that reduces tax liability for capital investments All of the following are attributes of considering IS costs as Overhead except the...
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation....
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation. case:    W17400 APIGEE: PEOPLE MANAGEMENT PRACTICES AND THE CHALLENGE OF GROWTH Ranjeet Nambudiri, S. Ramnarayan, and Catherine Xavier wrote this case solely to provide material for class discussion. The authors do not intend to illustrate either effective or ineffective handling of a managerial situation. The authors may have disguised certain names and other identifying information to protect confidentiality. This publication may not be...
Consumerization of Technology at IFG3 “There’s good news and bad news,” Josh Novak reported to the...
Consumerization of Technology at IFG3 “There’s good news and bad news,” Josh Novak reported to the assembled IT management team at their monthly status meeting. “The good news is that our social media traffic is up 3000% in the past two years. Our new interactive website, Facebook presence, and our U-Tube and couponing promotions have been highly successful in driving awareness of our ‘Nature’s Glow’ brand and are very popular with our target demographic—the under-30s. Unfortunately, the bad news is...
Business Problem-Solving Case Walmart and Amazon Duke It Out for E-Commerce Supremacy Walmart is the world’s...
Business Problem-Solving Case Walmart and Amazon Duke It Out for E-Commerce Supremacy Walmart is the world’s largest and most successful retailer, with $487.5 billion in 2014 sales and nearly 11,000 stores worldwide, including more than 4,000 in the United States. Walmart has 2.2 million employees and ranks first on the Fortune 500 list of companies. Walmart had such a large and powerful selling machine that it really didn’t have any serious competitors—until now. Today, Walmart’s greatest threat is Amazon.com, often...
After reading the following article, how would you summarize it? What conclusions can be made about...
After reading the following article, how would you summarize it? What conclusions can be made about Amazon? Case 12: Amazon.com Inc.: Retailing Giant to High-Tech Player? (Internet Companies) Overview Founded by Jeff Bezos, online giant Amazon.com, Inc. (Amazon), was incorporated in the state of Washington in July 1994, and sold its first book in July 1995. In May 1997, Amazon (AMZN) completed its initial public offering and its common stock was listed on the NASDAQ Global Select Market. Amazon quickly...
Four Case Studies on Corporate Social Responsibility: Do Conflict Affect a Company's Corporate Social Responsibility: Apple...
Four Case Studies on Corporate Social Responsibility: Do Conflict Affect a Company's Corporate Social Responsibility: Apple Inc. Apple’s profile Apple Inc. (hereafter Apple) was established in 1977 and is registered on the NASDAQ Global Select Market exchange. According to its Form 10-K ‘Apple designs, manufactures and markets mobile communications, media devices, personal computers and portable digital music players, and sells a variety of related software, services, peripherals, networking solutions, and third-party digital content and applications’. Its products are sold through...
2. SECURING THE WORKFORCE Diversity management in X-tech, a Japanese organisation This case is intended to...
2. SECURING THE WORKFORCE Diversity management in X-tech, a Japanese organisation This case is intended to be used as a basis for class discussion rather than as an illustration of the effective or ineffective handling of an administrative situation. The name of the company is disguised. INTRODUCTION In light of demographic concerns, in 2012, the Japanese government initiated an effort to change the work environment in order to secure the workforce of the future. Japan is world renowned for its...