The arguments over whether or not people should use their own mobile devices at work is pretty much over – almost all companies now support some sort of ‘bring your own’ or ‘choose you own’ device policy.
Of course this doesn’t have to be any less secure than a single system ecosystem but there’s no doubt it does offer specific challenges.
But if staff are accessing business data then security must be at the forefront of any system and application design.
This reality of such a hybrid ecosystem means much greater complexity for corporate IT departments which means a security solution which can deal with the differing demands of the four main mobile operating systems.
You’ll need to properly train staff and make clear the dangers of not just the device itself but also the applications they load on them.
In itself a hybrid mobile ecosystem should actually bring security advantages – as long as those devices are all managed securely. There are also business benefits in terms of hardware outlay, user attitudes to using their own devices and likely reduced need for user training in using the devices.
But running a mixed mobile ecosystem means you need a decent management system to run the fleet of devices and create a truly mobile enterprise.
The world of ‘choose your own’ or ‘bring your own’ is not getting any simpler. Several Chinese handset makers have started European sales in the last few months running versions of the Android operating system.
Various Chinese tablet makers are also making in-roads into what was once quite a niche market.
For all these devices the main danger to enterprise security comes from applications rather than hardware issues. Although you need to ensure staff are using password protection as normal practise on any device which leaves the office you also need to protect business and customer data with proper encryption.
In reality you should be able to avoid all but very limited local storage of any sensitive information. Using cloud-based storage is not only good security practise but helps keep customer records up-to-date and backed up and makes sure you can secure the data should that member of staff leave the company.
The main danger to your data on any mobile device remains other applications.
Looking at even the simplest mobile application will show the ridiculous range of permissions they request from users. And the majority of users hardly give this a second thought.
So if your staff are using their own devices you need to keep your data safe. Most solutions offer some sort of ‘containerisation’ – effectively keeping user data and corporate data separate.
A decent enterprise mobile management system will cover the four main operating systems and allow you to separate data in this way.
Exactly what system you need will depend on your industry. Financial services for instance have to prove their systems are compliant with a variety of regulations.
If you need staff, and your business, to rely on a bespoke application – for instance in retail or warehousing – then it is probably worth investing in more than just basic application testing.
You need something which not only tests updates to your application but also pro-actively monitors its performance in the real world. It should show not just crashes but also exactly when an application is putting extra demands on devices.
Such a system will allow you to pinpoint problems almost before users become aware, and certainly before such glitches become a problem which impacts on your business.