Gerry Hampson, Senior Consultant Engineer with Ergo, speaks with Róisín Kiberd about how Ergo is helping businesses get more mobile and how to do it in a secure way.
“The biggest challenge we face now is that our typical users are tech-savvy,” said Gerry Hampson, senior consultant engineer at Ergo. “They like the devices they already have, and want to use them to access corporate data. And that’s not necessarily a bad thing. We in IT shouldn’t work to prevent it - we need to embrace it and manage it instead.”
Hampson sees the rise of the ‘BYOD’ mobile worker as an unequivocal positive for businesses, empowering users to work in a way they find more comfortable and efficient, even if it does come with security risks.
“Corporate boundaries don’t exist anymore. Previously, we could protect data from the outside world by hiding it behind layers and layers of security. But if allowing external access to workers is more effective for them, then why go for something different? Enterprise mobility has really evolved in recent years – it’s not enough just to secure a device,” said Hampson. “It’s vital that the data and the user’s identity are also protected.”
A holistic view of mobile device management is often also the most thorough: products favoured by Ergo include Microsoft’s Azure Active Directory Premium, a cloud directory offering comprehensive identity and access management; MDM product InTune, which manages security for mobile applications; and Azure Rights Management, an information protection solution which includes encryption and policies for identity and authorisation. Hampson explained the level of control this product offers its users: “We can put digital rights management on a document and email it. Only you can open it – someone can forward it on, but the recipient won’t be able to open it, for example. You can do really granular things like sending a document which can be read but not forwarded, or printed, or it might have a time bond on it so that it can’t be opened again after one month.”
Another problem that is often overlooked when it comes to mobile devices is that of 'shadow IT', the creeping usage of freeware downloaded online without IT’s knowledge or approval.
“People often aren’t informed,” said Hampson. “There’s a lot of shadow IT – it’s human nature to try it on, to get away with as much as you can. With corporate data on your phone, it’s never difficult to go in and find the settings to configure the device. It’s easy to copy settings onto a new phone and use that instead without letting IT at work know.”
Ergo has a solution for such slip-ups: “We implement something called conditional access for customers, where if they try and access corporate resources, say email or Sharepoint, from a new phone, it stops them, then sends them an email saying ‘you’re not enrolled in our device management solution.”
Once a policy is in place, and your MDM update, you can embrace mobile device usage more freely, drawing on new possibilities to help your business evolve. "It's a massive plus," said Hampson. "There are still conservative companies that haven't changed, but they're becoming less and less common. The ability to work remotely is a positive for any business. Personally, I live in Longford, a long way from our office, and working remotely saves me hours every day that I’d spend travelling. It means you can have a longer and more productive working day, too, so it benefits employers."
Mobile security means your employees can work from anywhere, at any time. "I can work safely on my tablet from anywhere in the world. Even if I lose my tablet, I'm able to buy a new device, enroll it by myself, and have it up and running again with all my corporate data accessible in minutes. Mobility vendors are putting a lot of money and research into this - Microsoft's Mobile First, Cloud First ethos is an example. It means there's been real progress in the area of enterprise mobility."
More and more, we have been hearing about companies who are not yet fully compliant with GDPR. In the latest...Read now
Security architecture refers to a unified security design that addresses requirements and potential risks involved in a certain scenario or...Read now