Securing Mobile Devices in the Enterprise

Mobile devices have been continually increasing their capability for many years. The ability to have a high degree of portability coupled with content creation capabilities and rapid email response are an attractive combination for users. Unlike an institution issued laptop which has robust encryption, complex passwords, and remote administration functionality, mobile devices like Android tablets and iPhones are less mature in the data protection domain. Modern mobile devices include fully standard compliant web browsers which are capable of running applications such as JavaScript and Flash as well as the ability to use content rich email and text editors for document or presentation creation. Mobile devices also have the additional capability to connect to a cell provider and function wirelessly on those networks. This new functionality provides for a real-time, push data to these devices. The mobile office is no longer limited to instantaneous text messages, but now instant email notification as well as complex collaboration capabilities. Push email has the potential to have sensitive data sent to the device without proper authentication. This instant connection allows for a more productive and robust workforce, but at the cost of data security. This paper will present an overview of the usage of mobility in the enterprise, the risks of having protected data on a personal device, and solutions that will enable the institution to move forward with personal device usage in the corporate setting.