5 steps to take command of mobile

Eric Rife

The hottest topic in enterprise IT is secure mobility — in other words, allowing secure access to the enterprise infrastructure from any device, anywhere and at any time. Successful mobility solutions require deliberate implementation, disciplined security plans, careful consideration of who needs to be mobile-enabled, and the implementation of a sophisticated, secure, mobile enterprise infrastructure.

Here are five steps to take command of your organization’s mobility initiative.

1. Create a policy. Before committing enterprise resources to secure mobility, you must determine which job functions truly need to be mobile and why. Letting everyone go mobile without restriction is unrealistic, so define what job functions require mobility and set up user profiles accordingly. For instance, many workers will only need secure mobile access to e-mail rather than an entire suite of applications.

2. Make security dynamic. Borderless anytime/anywhere mobility presents genuine security challenges, and obviously, the consequences of a breach — especially of government networks — are extremely serious. A security plan must be dynamic enough to change as hackers’ tactics change and incorporate the latest multilayered credentialing technologies. Moreover, any security strategy must strive to eliminate vulnerabilities while presenting a fast-response action plan for dealing with a breach or failure. The plan should be at least as strong as the security plan at the physical office, with the addition of the capability to automatically lock out mobile devices that exceed security allowances set up in the user profile. For instance, device lockout can occur when someone uses unauthorized software or applications. User profiles can enforce corporatewide policies or be individualized.

3. Decide which devices to allow. Mobility doesn’t mean a device free-for-all, and an organization obviously cannot support all hardware, software, devices and apps. In other words, what does bring your own device (BYOD) really mean? What policies should be in place to screen or prepare devices for use on a secure network? Administrators of secure networks that are mobility capable must define the rules for allowable hardware and software (down to the version level) and might need to go even further. Will all types of browsers be allowed? Which apps must users have on their mobile devices before they can access the network remotely? You should set those policies early, while also creating a process for reviewing.

4. Set standards for hardware and software. For anyone who is granted network access, are there limits to resource allocation? Once those limits are set, then the real battle begins. Every single time a mobile device attempts to access your network, it must be compared against some type of standard to validate if the device meets the most current security criteria. If a violation occurs, predefined remediation steps should occur. As mentioned above, you should be prepared to lock out devices that suddenly appear to violate their approved profiles or have unauthorized software or applications.

5. Put someone in charge. Does your agency need a new position, role and title for mobility? Defining the security requirements for a mobility network will require sophisticated leadership, to say nothing of the ongoing rules and policies that must be put in place as devices, networks and threats change. Administration of the network isn’t a part-time job, so consider a dedicated mobility officer or a consultant who can provide the required level of expertise and attention. In today’s BYOD world, a chief mobility officer has to be part of every IT conversation.

About the Author

Eric Rife is director of collaboration at Red River, a provider of IT products and hardware-related services to the U.S. government.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group