Mobility

5 steps to take command of mobile

Eric Rife

The hottest topic in enterprise IT is secure mobility — in other words, allowing secure access to the enterprise infrastructure from any device, anywhere and at any time. Successful mobility solutions require deliberate implementation, disciplined security plans, careful consideration of who needs to be mobile-enabled, and the implementation of a sophisticated, secure, mobile enterprise infrastructure.

Here are five steps to take command of your organization’s mobility initiative.

1. Create a policy. Before committing enterprise resources to secure mobility, you must determine which job functions truly need to be mobile and why. Letting everyone go mobile without restriction is unrealistic, so define what job functions require mobility and set up user profiles accordingly. For instance, many workers will only need secure mobile access to e-mail rather than an entire suite of applications.

2. Make security dynamic. Borderless anytime/anywhere mobility presents genuine security challenges, and obviously, the consequences of a breach — especially of government networks — are extremely serious. A security plan must be dynamic enough to change as hackers’ tactics change and incorporate the latest multilayered credentialing technologies. Moreover, any security strategy must strive to eliminate vulnerabilities while presenting a fast-response action plan for dealing with a breach or failure. The plan should be at least as strong as the security plan at the physical office, with the addition of the capability to automatically lock out mobile devices that exceed security allowances set up in the user profile. For instance, device lockout can occur when someone uses unauthorized software or applications. User profiles can enforce corporatewide policies or be individualized.

3. Decide which devices to allow. Mobility doesn’t mean a device free-for-all, and an organization obviously cannot support all hardware, software, devices and apps. In other words, what does bring your own device (BYOD) really mean? What policies should be in place to screen or prepare devices for use on a secure network? Administrators of secure networks that are mobility capable must define the rules for allowable hardware and software (down to the version level) and might need to go even further. Will all types of browsers be allowed? Which apps must users have on their mobile devices before they can access the network remotely? You should set those policies early, while also creating a process for reviewing.

4. Set standards for hardware and software. For anyone who is granted network access, are there limits to resource allocation? Once those limits are set, then the real battle begins. Every single time a mobile device attempts to access your network, it must be compared against some type of standard to validate if the device meets the most current security criteria. If a violation occurs, predefined remediation steps should occur. As mentioned above, you should be prepared to lock out devices that suddenly appear to violate their approved profiles or have unauthorized software or applications.

5. Put someone in charge. Does your agency need a new position, role and title for mobility? Defining the security requirements for a mobility network will require sophisticated leadership, to say nothing of the ongoing rules and policies that must be put in place as devices, networks and threats change. Administration of the network isn’t a part-time job, so consider a dedicated mobility officer or a consultant who can provide the required level of expertise and attention. In today’s BYOD world, a chief mobility officer has to be part of every IT conversation.

About the Author

Eric Rife is director of collaboration at Red River, a provider of IT products and hardware-related services to the U.S. government.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.