Small and Medium Business (SMB) can really benefit from mobile readiness. Beyond the obvious reasons (the idea of “readiness” and a paired security posture hardly needs to be sold), the SMB market can capture and leverage a whole population of assets that essentially have no overhead. No TCO, no appreciable Time to Value (TtV); they’re here now, in that they’re often owned and maintained by people as personal assets: Things such as smartphones and laptops.
Of course, often enough these devices are provided by SMB too, as tools of any particular job; but there does exist a ready population that can be exploited – and that must be protected.
Whatever devices (and associated users) desire to access your data, systems, and tools – you must take inventory and qualify access before you greenlight it. Assess whether a particular user really needs remote access – is it going to be an efficient enhancement to work? Will it be productive? Does supervision agree that access is desirable? Is a strong case being made?
Then the risks can be weighed against the benefits – and there are always risks. Mobile devices will harbor sensitive data – and that data can easily be lost. Also, mobile devices transmit updated data back into your central repositories – on your network: filestores that represent the content feeding your mission critical applications. Things such as the organization’s sensitive financial information; customer databases and records, sensitive correspondence – you name it. You must ensure sourced mobile data is healthy, accurate, and whole.
Mobile devices also represent a portal through which malware may enter the organization. Therefore, an entire regime of recurring user education is necessary, and a standard schedule for review of devices for compliances and updated protections for malware, etc., is absolutely essential.
When devices are lost, it is imperative that users alert IT – lost devices can allow unauthorized access to the network; IT must immediately bar a device’s ability to access upon loss. And while on that subject, beware devices that have unsecured remote access – that is, no password or stored password, allowing the “greased entry” upon a simple switch-on of the device.
Let’s keep rolling on this…
NP: The “In” Crowd – The Ramsey Lewis Trio, jazz24.org.