Agility, control and freedom: why compromise?
The workforce needs to be mobile, but the organisation needs security. In association with SEH, we reveal how to do both
Employees have the freedom to use their mobile devices to carry out tasks from any location, but organisations also need to ensure that corporate resources and data are kept safe. As the mobile workforce grows, so does the challenge. By 2018, the number of employee-owned smartphones and tablets used in the enterprise is expected to top one billion devices, according to figures from Juniper Research.
Growing security threats
This also means there is a greater attack surface from hackers. Users downloading content and apps can expose organisations to malware and data-snooping software. They will frequently use devices on unsecured networks at coffee shops, airports, hotels and other public places, meaning corporate data stored on such devices is susceptible to breaches.
In addition, data protection legislation, such as the EU’s GDPR rules, place greater importance on individuals’ privacy, and place stringent regulations on companies to secure and respect such data.
Some are implementing corporate-owned mobile devices to isolate personal apps and data from corporate ones, but this doesn’t get rid of all security anxieties.
Printing confidential information from mobiles
When employees or contractors bring their mobile device, such as an iPhone or an iPad, into the workplace, they will want to print out documents stored on their devices. This raises the obvious yet complex question: who can print where? One issue is that in corporate networks each department often has its own subnet, and AirPrint doesn’t work across subnets.
Security also plays an integral role for many companies; they must transfer sensitive data securely over the network. For mobile printing, the transfer of data from iOS devices to the printer must be protected.
Managing applications and remote access securely
Remote users need access to your resources to be productive, but this needs to be secure. Building a distinct network for mobiles can ensure that personal devices and mobile apps are validated before allowing them to access the network.
Enterprises can implement a master security policy that enables access to corporate data and parts of the main network from mobile devices, while helping ensure no data leaks through personal devices.
Organisations should enforce a mobile user remote access policy to protect their data – for example, to insist users switch on encryption and have a PIN or strong password to access a device’s OS or apps. They should also deploy mobile access with authentication, network access controls and a VPN to enable only approved users and devices, along with whitelisted mobile apps, to access corporate resources.
Another way to give employees greater freedom while retaining control is to isolate enterprise apps and data from personal apps and data. For example, by creating a container (a cordoned-off workspace environment) on personal devices.
Organisations should also keep control of their employees’ mobile environment by using identity and access management. Including mobility within this can mitigate security risks, even while users bring their own devices into the enterprise. A good identity and access management strategy can allow line of business managers to decide what access should be given to whom.
Overcoming secure printing challenges
When it comes to secure print management from an iPhone or iPad, organisations should use hardware and software to determine who is allowed to print and which printer they can use by connecting it to their Active Directory. Essentially, it can be arranged that only Active Directory members are allowed to print. If an organisation wants finer control, they can define which Active Directory member can print to which printer. Securely managing mobile printing over different networks needs a solution that overcomes subnet boundaries, so that even though an iOS device is connected to the department WLAN (subnet), it can still print to a printer integrated into another subnet. Lastly, to ensure better security, print data transmitted between iOS devices and a print server should be encrypted, for instance through point-to-point-encryption (P2PE).
Greater transparency, control and security
As the number of phone and tablet users within a company continues to increase, so does the need for transparency, control and security.
A mobile printing device, such as the primos Enterprise AirPrint Server from SEH, could help your organisation print from your employees’ iOS devices more securely, increasing flexibility and agility. Unlike many other solutions, primos does not use a cloud, meaning sensitive print data remains in a company’s network at all times.