Security Challenges of Enterprise Mobility
Mobility is the main concern for the Enterprise of late. Every organization is trying to mobilize Organizational data in Mobile devices, trying to create a Mobile Workstation. Mobility increases productivity of an employee drastically, helping him take timely and informed decisions. However the transition into Mobile Workspace from Desktop workspace have seen a major issue of Security for Organizations. The security of working in the encrypted network of the Company’s own server is pretty challenging to achieve in mobile devices. Let us talk about what are the Drivers and Security challenges, the Enterprises are facing in today’s world of mobility.
Drivers of Enterprise Mobility:
The main driving force of the Enterprise Mobility is its own Employees. Employees are demanding more flexibility in their work. Providing basic applications anytime, anywhere have empowered them to take better business decisions and timely executions. If we look simply at what an employee wishes to do without working in a traditional desktop or laptop, we get a long list of possibilities, be it booking for facilities in their own company, or applying / approving for leaves of his group members.
12% of the Enterprise’s concern is how they couldn’t stop BYOD from happening, and employees have started bringing their own device and they get the opportunity to choose from company provided to self owned.
These charts provide us with the insight about which application is most used by the Employees while using their Mobile devices. The organization can either replace them with their own replacement apps or they can simply provide their own apps out of the box.
Major points which comes to question are:
Employee flexibility: With the onset of superior mobile devices and tech savvy nature of human, we are seeing an impressive growth in mobile device adaptability. Now employees want their organization to be adapting to the Mobility revolutions.
Productivity gains: Indeed, the use of apps inside and outside the organization has seen many breakdown of works into smaller parts. Now employees don’t need to go the traditional way of addressing the issue from their own conventional desktop.
Employee Availability: Providing mobile devices and access to network increases the employee engagement and availability. Now the employees are available from anyplace, anytime.
Telecommunication & Remote work: Mobile devices help provide communication, be it Social media interaction, orofficial communication via secure devices.
This following graph shows us a Statistic of Work break up when employees are using Mobile Devices.
Let’s have a look at Security Issues of Mobile Enterprises
The major security issue of Enterprise Mobility is leakage of Confidential Company owned data. The main reasons they can happen from any device without security are listed below.
1) Insecure or unnecessary client side Data Storage.
2) Lack of Data Protection in Transit.
3) Personal Data Leakage.
4) Failure to allow resources with strong authentication.
5) Failure to implement least privilege authorization policy.
6) Client – Side injection.
7) Client – Side DOS.
8) Malicious Third Party code.
9) Client – Side buffer overflow.
10) Failure to apply server side controls.
If we look into the list we can come up with security issues and how then can easily be handled by proper implementation. Some points are self indicative, let us talk about the technological parameters.
Strong Authentication: This will be done on the Client Machine (Mobile device), where the user will be validated before being presented with the data. Implementations which are proper force the user to provide authorization before using Enterprise Apps.
Least Privilege Policy: Data is not meant for everybody, and such is the implementation. Data is provided to users who are privileged to access the data.
Client – Side Injection: These are code injections which are injected from Client Machine. Leading to anomaly behavior of the Enterprise Apps, and may undermine the functionality of the apps.
Client – Side DOS: These are similar to Client Side injection. In this case programs are used in hacking the Enterprise Apps.
Client – Side Buffer Overflow: These issues occur when there is mismanagement of data stacks. Data will be left unattended on client machine and may lead to leakage. This is ensured and controlled by the Enterprise app.
Server Side Control: The organization server should provide the data it needs to share, and should avoid sharing data which is not relevant to the user.
The figure below gives us the possible loss of data scenarios and how Data Loss occurs. It also gives us the process of how we are going to eliminate such instances, just in case.
Addressing Security Concerns inMobile Enterprise
Enterprise Backend Security:
Enterprise Backend Security issues can be handled by enabling Mobility via MEAP (Mobile Enterprise Application Platform). MEAP enables the development of Mobile devices by managing the diversity of the devices, network, and user groups at the time of deployment and throughout mobile solution lifecycle.
A MEAP solution is generally composed of two parts: A Mobile Middleware Server and a Mobile Client application. The mobile middleware server is a solution which handles all the request, queries the application sent from the mobile device to the server, and hereby in this process provide security to the application. Its acts like a communication between the Mobile application and the server and also behave like a firewall providing security from third party mobile app intrusion.
Securing Mobile Devices:
Device management policies needs to be enacted, prohibiting certain features of the mobile to be disabled as soon as the user logs in to the Organization’s secure network. Based on the security requirement, device features like camera, Bluetooth, Wi-Fi can be blocked from unnecessary access. For enterprise devices, blocking of these features lead to compromise in usage, so employees prefer BYOD (Bring your own device).
In BYOD the enterprise needs to separate the user data from the organization data. Furthermore the enterprise is aware that all the features are enabled for these devices and take sufficient precautions for the same.
Device Management Policies:
Policies to me maintained in Mobile devices and apps which are crucial for providing Enterprise apps to employees.
• Password: Password is a basic level authentication to check user validity, and prevention of unauthorized usage. Password policies like certain strength in Password, can be mentioned so that it’s practically harder to crack the password which can help the application security greatly.
• Encryption: Encryption is the term used, when a data is sent from the server with its contents encoded with a key. Now the client machine provides the same key for decoding the information and gets the original information. Encryption is a secure way of data transmission and should always be encouraged to use.
• Size & format of information: A very important feature, to prevent loss of data by naturally long data.
• Device Management & Hardware Management: A thorough control should be taken against certain Mobile device hardware like Camera, Wi-Fi, Bluetooth, Infrared, Device sharing and removable storage.
• Application management: Can restrict certain apps when logged in into Server, by either not letting them start, or simply isolating the Enterprise application by a security layer.
Every organization should create some clear roles for using mobile devices and those rules should be followed strictly if BYOD is setup. The management should create a mobility managing plan so that there’s no confusion regarding the corporate guideline policies. The mobility management policy should have rules and regulations regarding devices, legal issues, and bandwidth.
Enterprise mobility in the workplace environment and its challenges should not be an obstacle. Organizations should address these issues and implement best practices to produce maximum productivity.
Android KitKat Update
Android powers more than a billion phones and tablets around the world. It’s customizable, yet easy to use, and since it’s made by Google, it works seamlessly with all your favorite Google apps. Android OS has been updated from the day it emerged to the newest one which is Android KitKat 4.4.
Android version 4.4 KitKat unlike previous versions is a major upgrade to the previous versions. Many new features have been provided over the previous versions as well as, a lot emphasis have been given on ever-lasting problem of memory management. Let’s talk about the recent features of Android 4.4 KitKat and the major updates.
Google’s changed the way Android looks, created their own new launcher, made the dialer much smarter, further consolidated their messaging services, gave the Email app, love, and added many new features for app developers to take advantage of.
Google Experience Launcher
On Android 4.4, the Google Experience launcher has a partially transparent status bar and navigation bar on the home screen, showing off your wallpaper and hiding those black bars.
Google Experience Launcher can be installed on any Android device running Android 4.1 or later. Google is currently only officially offering the Google Experience Launcher on the Nexus 5, so you’ll have to activate it yourself on other devices and even in other Nexus devices, like the Nexus 4 and Nexus 7.
Dialer with Search
Android 4.4′s new dialer also allows you to search for businesses and dial their phone numbers right from the dialer. For example, you can open the dialer, search for “Hot Dogs,” and quickly call a nearby Hot Dogs place.
Whenever you get a phone call, Android can now query Google’s servers to provide caller ID information for you. This feature is enabled by default, but you can disable it if it is not desired. The dialer is now integrated by Google search and you receive the whole functionality of Google Search.
All is in Grey, So long Blue
The most immediately noticeable change is the shift from the neon blue theme of Android’s interface to a new, neutral gray color which is actually looks more matured in design. The battery, Wi-Fi, and cellular icons on Android’s status bar, for example, are now gray along with the options in the quick settings panel are also gray colored, as are the accents on the official Google Keyboard.
This actually helps developers in standardizing the development pattern and provides a more neutral canvas. For example, Netflix’s red app will look better with gray system icons than blue ones which were used earlier.
Hangouts SMS Integration, Google Talk replaced
Google’s Hangouts app — the replacement for Google Talk hasintegrated SMS support, eliminating the need for a separate Messaging app. This feature also isn’t exclusive to Android 4.4, but is also available on older versions of Android along with a recent update to Hangouts. However this is just an add-on feature which lets the user decide whether to keep on using the basic messaging app for texting or use hangout for messaging.
On Android 4.4, Hangouts registers itself as a “SMS provider”. Any other SMS app can also choose to register itself as an SMS provider, becoming the default messaging app. Any app can listen for incoming SMS messages, but only a single app, the user’s default SMS app, can send SMS messages.
The premier Google Talk has been replaced by Google Hangout app which actually have implemented a major change in usability as well as features. The main missing feature in Hangout is the ability to show the online user, which was previously available in Google Talk. Furthermore Hangout keeps single window for every chat window, which keeps track of full conversation. This can be a wanted as well as an unwanted feature that Hangout have provided the user.
Get Started with Google Cloud Print
Nowpeople can print from any device (desktops, phones, tablets) to any of your printers connected to Google drive on Google cloud.
Android now includes a printing framework. It’s a built-in system feature that supports both Google Cloud Print and HP ePrint by default, but developers can add support for new types of printers using the API. This means you should be able to install support for other printers via an app from Google Play and they’ll integrate with Android’s printing system.
You’ll find a new Printing option on Android’s Settings screen, and many built-in apps support printing. For example, you can tap the menu button in Chrome and tap the Print option in the menu to print a web page. It is quite amazing losing all the net wires as well as the big USB ports required for printing and also the support for printing from mobile.
KitKat have replaced the earlier app for file handling. This file picker supports both local, on-device storage and cloud storage services like Google Drive. However, any cloud storage service can integrate with it. Support for Box is already offered, while other cloud storage services like Dropbox or SkyDrive could implement a “document provider” and appear in this list. Whenever you use the file picker, you’ll be able to choose a file from any local source or cloud storage service.
Android now also offers an “immersive mode” feature that allows apps to hide the status bar at the top of the screen and the on-screen buttons at the bottom of the screen on Nexus devices. This means that apps like games, video players, and eBook readers could use the entire screen for content. This won’t happen automatically; it’s up to app developers to choose whether this is right for their app.
To go along with this, Android includes two new edge gestures. When immersive mode is enabled in an app, a swipe from the top or bottom edges will reveal the hidden status bar and navigation bar.
Better Memory Management
KitKat is designed to run on devices with as little as 512MB of RAM. Google has implemented behind-the-scenes improvements to Android 4.4′s memory management, and will be providing developers and OEM manufacturers with tools and options to take advantage of these improvements. These memory improvements are expected to lead to smoother multi-tasking as well.
The fact that less than half of all Android phones are running Android 4.x has led to fragmentation issues within Android. It looks like these memory optimizations may lead to greater adoption of Android 4.4, and this should help unify Android to some extent.
Further to previous installation, it has been observed that this new memory management have lead to faster app handling as well as minimalizing micro-lags which used to riddle Android since its inception.
The next screen provides us with the task handling, which is a built in feature of Android 4.4. A single swipe lets the user remove the application from application history which is further killed and removed from the system memory.
These can further be selected in the option of restricting the number of application to be kept running in the background from settings, however this has been introduced since android ICS.
2. Improved Google Now
You can now activate Google Now by simply saying “OK Google”. It’s not only available to Nexus 5,but also available for any android device capable of running Android KitKat. The contextual cards feature also gets an upgrade. Google Now cards will try to predict information you need based on your location, favorite sites or TV programs.
In addition, Android 4.4 features a new app-linking feature, which allows Google Search to deep-link search results to applications installed on a user’s device. So, for instance, searching for a restaurant via Google Now can direct you to a restaurant reservation app such as OpenTable, ready to make a reservation for that particular restaurant.
Email App Improvements
The included Email app has finally seen some love. The Mail app now looks almost like the Gmail app and shares many of the same navigation features and settings. It no longer feels like a forgotten relic.
Tap and Pay
HTG Explains: What is NFC and What Can I Use It For?
NFC hardware is being included in more and more devices – particularly smartphones, but also some laptops. For more information please refer website explaining the term.
KitKat includes a “Tap & pay” option on the Settings screen. Thanks to “host card emulation,” any app on Android can now emulate an NFC smart card. In the near term, this means that any device with NFCshould be able to use the Google Wallet app. In the long term, this means that there’s an integrated way for various apps — such as loyalty card apps and competing digital wallets, to work with NFC point-of-sale terminals.
Android now also allows apps to use “Reader Mode” and function as NFC readers.
These are just some of the notable updates in the Android 4.4 package. There are a number of other new features included in Android KitKat, such as low-power location monitoring, easy home screen switching, built-in infrared blaster support and a redesigned downloads app to name a few. If you want to know the entire list of changes, please visit the official Android website.
Above all, the Android 4.4 isn’t that an awesome update over the earlier versions of the OS, but it does bring good improvements to the millions of users using the OS. The improved memory management and the rest of the noted features combine to make Android 4.4 quite a notable addition to the Android family.
Challenges of BYOD
Bring Your Own Device or what we call BYOD is the trend of bringing your OWN device to the organization and to use the device in accessing privileged organizational information and applications. Employees are encouraged to bring in their own devices and are provided with applications and features of applications for usage.
Let’s look at Past and Current Trend of Mobile Devices
Organizational structure have been relying on internet since 2000. All of organizational applications and privileged data is provided in Organization’s own Server or what we call Network. Here we look at animage which gives us a very clear picture of Mobile sales or what we call Internet Device sales. Fig-1 clearly tells us Sales of Internet devices in the year 2000 have shifted from traditional Desktop and Computers to Smartphones and Tablets by 2013. These handheld devices have been provided almost full Internet Capability to be able to run almost every HTML based application provided by the organization.
Now lets’ have a look what analyst have been predicting on Internet devices. So from Fig-2 we can see, that the current trend of using Mobile devices have significantly risen from 2010 onwards, and we can expect the complete transformation for using Mobile Internet devices for Internet and applications which don’t need a conventional computer to perform.
Let’s have a look at Security Issues of BYOD Policy
1) End Node Problem:BYOD policy allows Organizational users to access Critical Organizational Information in their Handheld Device. This poses a serious Security issue which we call END-NODE Problem. In this case we can never be sure what the Device have been used for. The device is used for both Sensitive as well as Normal usage beyond network. Now if the users who is working with the Sensitive data saves in mobile hard drive , there poses a significant risk of Data Loss and Data Theft. So what can be done is, tackle the issue with App itself, which prevents or locks the user sensitive data, when tried to access separately.
2) Data Breaches: BYOD have tendency of Data Breaches, for example if the user loses his/her mobile device, then there is a possibility of the data being breached by anonymous user who ever gets the mobile device.
3) BYOD Phone No Problem: BYOD policy have employees who actually use their number as for work phone, and when the employee leaves the organization the leads and connections are kept in the employees, which in turn means data theft.
The most important criteria for an organization to allow BYOD policy, is to have a clear check on the data that is being displayed or stored in Employee devices, and create specific Security software mandatory for accessing the Company network which removes any residual corporate data. Furthermore the device belongs to the Employee and hence the organization have lesser control over the devices.
The major points to ponder on BYOD Security are:
1) The type of data to be processed on Employee Personal Device(s)
2) How to encrypt and ensure a secure access to corporate data
3) Storage policy of corporate data in mobile devices
4) Track edit and deletion of corporate data from personal mobile devices
5) Transfer policy of mobile data from device to company server
6) Social Network usage restriction
7) Corporate Data handling by Corporate Mail Server
Major Security procedures employed by organizations
The CDW-G Report on mobile security measures by US Federal employees, provide us with the statistics of widely used Security measures that have been provided for BYOD devices.
The most used and secured form of mobile security is using data in encrypted form. By encrypted form we mean, data transferred coded by a security key. The receiving device requires the same key to decode the encrypted data to get the information.
BYOD policy have also included enhanced security by multi-levelauthentication for access into company server, which in reality secures the data in case of loss or theft of devices. Organizations must be prepared to manage varying devices. A list of acceptable devices, possibly not too restricted and at the same time not too vast would be the best option. But some standard requirements will have to be fulfilled, with devices conforming to a specific level of functionality.
Are you ready to Mobilize Your Enterprise?
With the introduction of capable hardware and the accessibility of High Speed Internet in Mobile devices, major changes have crept in the usage pattern. People are moving towards mobility in a much faster pace than it was actually anticipated. Consider the scenario of accessing an application which previously needed a user to sit in a computer with internet capabilities, now accessed within a mobile with internet services. The same functionality without skimping down on features have empowered Mobile device users with the flexibility of working even on the go.IT Strategist of many organizations, big and small are adapting toMobile devices from traditional desktop and laptop. So, let us know why we should go for Mobilization and how it can benefit an organization and its culture.
Why go for Mobilization:
There are countless reasons for organizations to opt for mobility. Mobilization of enterprise applications are not just for appeasing the general masses but rather it increases the productivity of the whole organization many folds. Let’s have a look at ananalysis (Figure 1) of how Mobilization have helped organizations out there.
Let’s discuss about top 5 reasons:
1) Employee productivity is the most influentialfactor when organizations opt for Mobile apps and enterprise apps on mobile devices. This is primarily due to accessibility of enterprise apps on the go. Consider the most influenced employees are those who are constantly on the go and have to do a lot of reporting, like sales professionals.
2) Employee responsiveness is next in line with an employee being able to respond even when not in office, and also on the fact that the employees don’t have to do the tedious process of switching on a computer for responding to a corporate mail, rather than, access from a readily available mobile device.
3) Customer Issues are generally handled much faster owing to the fact that employees are provided with CRM apps in their mobile devices, which can generate reports on the fly and help them resolve customer issues.
4) IT issues are negligible, as an employee who is suffering from a system crash can readily file for a resolution via mobile device.
5) Customer satisfaction depends on many factors including, one as resolution of Customer issues and also if information is provided to customer on the fly, rather than replying that the employee needs to be in office to provide that kind of information.
If we look, the total turnaround time for all process in an organization, is greatly reduced, from Customer to internal processes, every process can be immediately logged and resolved at the earliest.
Let’s have a look at US Target Market.
If we consider an organization, typically employment starts from 25 years onwards and majority of the workforce belongs to the age category of 25 to 45 years. From the chart depicting US smartphone market we can clearly observe that, in this age group salary would be highest for the working people, considering these parameters the percentage of employees who are supposed to have a smartphone is as high as 65 to 70% roughly. So any Enterprise application tailored for them would be largely affected as they will be greatly benefitted and once enterprise apps are rolled out the rest of the numbers will also opt for smartphone or handheld mobile devices.
Mobility Driving Productivity:
Let’s look at what people have to say about mobilization in various countries across the globe (Figure 3).
A full 68% of the executives surveyed, say their personal productivity has improved by at least 20%, thanks to the use of mobile technology (Mobile phones, Wi-Fi-enabled laptops, other handheld devices and applications); while 91% say it has boosted the productivity of their employees substantially. These benefits have manifested themselves most clearly, in easier, faster access to people and reduced “dead time” while traveling, and overall in an improved level of responsiveness within the organization.
It is evident from the survey conducted as to what people want to do in various Target Market. If we talk about APAC (Asia Pacific) a whopping 60% wishes to move to Mobility in their Enterprise which is a very rapid emerging market. For established market the Enterprises are already advanced and hence shows a lesser trend to Mobilization as many companies have already adopted to Mobilization (Figure 4).
All in all, we see that starting from traditional to technologically advanced companies, every organization have seen a rapid shift to mobile and started employing BYOD (Bring Your Own Device) policy which allows user to bring their own Mobile devices to office with limited access to enterprise applications. This not only increases productivity but also enhances employee engagement and collaboration.