Take Information Superiority over employee-owned devices to secure the mobile enterprise

The battle for your network revolves increasingly around Information Superiority. When your network is breached, the attackers leverage Information Superiority -- they know something you don’t about your environment and they’re using that to gain access to your network and digital assets.

Unfortunately the typical organization doesn’t know enough about its environment to effectively defend it. Perhaps nowhere is this lack of Information Superiority more apparent than in the mobile enterprise. A study conducted by IDC finds that 40 percent of IT decision makers say that workers access corporate information from employee-owned devices, but in stark contrast more than 80-percent of employees indicate they access corporate networks this way. To protect our corporate assets we need to close this gap.

Gaining Information Superiority for the mobile enterprise is increasingly urgent as we become more reliant on mobile devices and as organizations embrace the bring-your-own-device (BYOD) movement. Research indicates that mobile phone sales worldwide rose to 1.5 billion units in 2011 and new data from Nielsen finds that half of all mobile phones in the US are smartphones, up 38 percent from last year. A recent Gartner report shows tablet sales on a pace to reach over 300 million units worldwide in 2015 and IDC predicts laptop sales to reach nearly 400 million units worldwide for the same period.

Whether your organization takes an aggressive or phased-in approach to BYOD, employee-owned devices can increase security risk to the corporate network and corporate data. Mobile devices easily connect with third-party cloud services and computers which security posture is potentially unknown and outside of the enterprise’s control. And mobile malware attacks are on the rise -- research indicates malware targeting Android-based devices has increased by nearly 500 percent since last summer.

To secure your network and digital assets, you must establish Information Superiority -- this means being able to leverage superior intelligence to identify what needs to be protected and the threats to consider when structuring defenses.
But how?

In order to achieve Information Superiority in a mobile world, you need technologies that let you do three things:

1. See everything in your environment. Technologies that provide visibility into everything on your network (devices, operating systems, applications, users, network behaviors, files as well as threats and vulnerabilities) are essential. With this baseline of information you can track mobile device usage and applications and identify potential security policy violations.

2. Understand what’s at risk. Leverage technologies that help you apply security intelligence to data so you can better understand real threats. From there you can evaluate mobile applications to determine if they are malware and even identify vulnerabilities and attacks targeting mobile assets.

3. Take action to protect your environment. Identify agile technologies that allow you to adapt quickly and take steps to protect systems in rapidly changing mobile environments. On the corporate side, create and enforce policies that regulate what data can be transmitted to BYOD users. For employee-owned devices, it may be useful to lock down your organization’s network or computers (laptops, desktops, servers) with capabilities like application control. Consider approved applications that can be used by employees to remotely access their desktop computers back in the office from their tablet while travelling. While you may not be able to limit the installation of an application on the device, you can prevent it from running on corporate-owned computers.

Gaining the Information Superiority advantage in a mobile world presents new challenges. Technologies and techniques that let us see everything in the environment, understand whether it’s at risk and then protect it, enable us to secure the mobile enterprise while enjoying the productivity benefits laptops, tablets and smartphones deliver.

Photo Credits: Slavoljub Pantelic/Shutterstock

Oliver Friedrichs is senior vice president of Cloud Technology Group at Sourcefire, a provider of intelligent cybersecurity solutions. With more than 15 years of expertise in developing innovative security technologies and working closely with numerous government and commercials organizations to help address their cybersecurity requirements, Friedrichs provides direction for the company’s cloud-based technology strategy and executing Sourcefire’s product development roadmap for the cloud platform.

© 1998-2017 BetaNews, Inc. All Rights Reserved. Privacy Policy.