Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 3 July, 2022
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Bad Option – the lemming approach

by The Gurus
March 15, 2016
in This Week's Gurus
Share on FacebookShare on Twitter

I’ve never actually seen lemmings jumping off a cliff but I have observed companies blindly following others into bad decisions regarding their security. It seems CEOs and CIOs are unwilling to spend the time analysing their requirements and undertaking a robust selection process to ensure those requirements are met. They prefer to “follow the crowd”.
One area in which I’ve seen bad decisions being made is in the selection of mobile device management solutions. Many companies prefer to select the same solution as their competitors. I assume the thinking is “we need a solution so that we don’t get left behind” and “if our competitor has chosen a solution it must be good”. Unfortunately, there are then two companies with sub-optimal solutions.
There is no doubt that support for mobile devices is essential for all companies these days but one size does not fit all. In fact, there is great diversity in the deployment of MDM solutions. A solution for staff is necessarily different from a solution for business partners, and much different from a solution for customers. For staff, companies must decide whether they will issue corporate devices, over which that have complete control, or support a BYOD strategy whereby they encourage their employees to use their own phones for company business. If it is the latter, they will probably want to put a “protected zone” on each staff’s phone over which the company has complete control. These sections in the phone’s memory can be deleted if the device is lost or the staff member leaves the company.
For business partners putting a protected zone on their phone presents a challenge because most people will not let a third party interfere with their phones and tablets. Indeed, they might be corporate devices issued to the business partner’s staff. This means less control over the remote device and it is therefore important to segment the business application(s) that these organisations can access so that access to protected areas remains restricted and only appropriate facilities are exposed externally. A business process mapping exercise will typically identify the transactions that need to be supported and the interface required to facilitate access by external devices.
Customers are generally easier to support, unless you need to positively identify users as they access your facilities. If you are going to offer customers the ability to write to your facilities i.e. purchase from your website, and you want to track their access, a mechanism to have the user identify themselves is a good idea. Since customers generally will not register for a username and password a better solution is required. A better solution is to provide your customers an “app” for interaction with your company. This provides the ability to use modern technology to positively identify them via the device they are using every time they access your facility.
The next challenge is to adequately manage the application you put on external devices. If it is to provide your business partner access to you inventory levels the challenge is modest, if you are tracking customer access for marketing purposes and you want to understand how your users transact business with your company, you will want to track their transit through your site so that you can identify problem areas, hopefully before the application is deployed. That means you need an application development tool that facilitates keeping your customers happy and your facilities protected.
So – there’s no “cookie-cutter” approach to mobile device management. To select a product based on what everyone else is doing is abrogating your responsibility to your company. You need to know what you want before you go to market, you need to document your requirements and you need competent staff to properly manage the search and selection process.
To do anything less is too lemming-like.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Survey shows lack of concern around cyber security from UK students

Next Post

Join UK’s top CISOs for cutting debates

Recent News

A Vulnerability Management Program is Nothing Without Identity Risk Protection

A Vulnerability Management Program is Nothing Without Identity Risk Protection

July 1, 2022
SPACE Dynamic Orchestration in the SASE Cloud with Cato Networks

A Research of Threat Actor Activity & Myths Busted by Cato Networks

July 1, 2022
SPACE Dynamic Orchestration in the SASE Cloud with Cato Networks

SPACE Dynamic Orchestration in the SASE Cloud with Cato Networks

July 1, 2022
Over a Decade in Software Security: What Have We learned?

Over a Decade in Software Security: What Have We learned?

July 1, 2022

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information