The big mobile device security challenge
By Craig McDermott
There is a divide between what employees want from mobile devices and what organizations need to protect data. Users expect flexibility and convenience while CIOs, information owners and risk and compliance teams want to be able to sleep at night.
Organisations that have the highest data assurance requirements and are looking to mobilise their workforce face a four-way balance of issues. They must provide staff with meaningful data so they can perform their role, maintain strong security, embrace a good mobile user experience and manage IT spend. So how do you square the circle?
Traditional high-assurance security devices prove cumbersome, expensive and not mobility-friendly. Think of random number generators, calculator-type devices and smartcards with smartcard readers which were designed for an “at desk” experience – pretty hopeless if you are on the go.
One concern raised is that people don’t like carrying around additional hardware but this is untrue. Nobody complains about carrying car keys, a wallet or a purse, what people do complain about is juggling devices while holding a laptop or phone.
Other valid complaints include reading six tiny digits from one screen to input it into another screen. And using smartcard readers either attached by a cable or using a jacket or a case, where the jacket device has to be replaced every time a mobile vendor changes the shape and dimensions of the device.
The negativity around poor user experience and cost is pushing some to look at solutions that provide an element of balance but often do not meet the security requirements.
So for organisations that have a high security assurance need, the answer has to be a solution that offers security, has a fluid and convenient user experience and meets the mandates within regulations and internal security policies.
It’s why we focussed on producing a security hardware product as well as our software security product. iDENtear is an intelligent hardware device that connects to smartphones, tablets, laptops or any other computing device with one click.
Simple and discreet it means that data is encrypted cannot be intercepted, even if there are vulnerabilities with the mobile device. Organizations can have a solution where risks, usability, cost and productivity are balanced, leaving the workforce to perform to their potential.
Craig is CEO of security technology company Apply Mobile. Read more about the company’s mobile authentication products here.