When it comes to being productive on the job, beyond our laptop or desktop, few would argue that a mobile device is our most relied upon productivity tool. However, as more and more businesses provide company-owned phones or allow personal phones to connect to the network, so too, does the risk for increased security breaches.
Most organizations I speak with have a mobile device management (MDM) solution in place, allowing IT to manage and control access to the network. MDM serves its purpose, primarily preventing mobile devices from connecting to your network without authenticating that the device is compliant with company policy and has the latest software required. In the case of a user trying to connect to company email, for instance, unless the phone is authenticated as being managed and compliant, the email server can’t be accessed.
For all the benefits of MDM, the ability to backup data, the ability to manage devices and users, and provide automatic updates, for example, there are shortcomings. While MDM is on the front lines of securing your network, it requires IT staff to monitor and provide updates in a timely manner. It often doesn’t account for what is often seen as one of the weakest links in the security chain—your own employees. I’ve seen instances where a corporate user pulled a SIM card out of their work phone and put it in their personal device, essentially giving their personal phone access to many of the companies crown jewels, and then absent-mindedly handing the device over to their toddler to play games on their phone to keep them ‘distracted’ while they worked from home. While there’s little risk of a security breach in this, it highlights the carelessness that may be going on with your corporate managed devices. Remember, MDM protects how the device is used, but when the network SIM is placed in a new, non-compliant device, it’s open season for overusing company LTE connectivity with streaming videos and online gaming eating up hundreds of Gigabits worth of usage.
In many highly regulated verticals such as healthcare, financial services, and government, non-compliant devices can take on heightened risks, with potential fines for violating companies. While MDM does secure the devices themselves and their business applications, it doesn’t secure or analyze mobile device internet traffic, leaving the device browser unprotected. These “backdoors” can leave your network vulnerable to attack and can result in a tarnished public reputation, litigation, and loss of shareholder value.
To combat this, MetTel will soon be launching a solution that significantly reduces the risks associated with mobility, extending the key benefits of SD-WAN to mobile devices. We’re calling it SD-M, and much like SD-WAN, SD-M is cloud-based and will provide administrators with actionable insights to understand factors impacting performance, costs, and security. By extending SD-WAN capabilities to mobile devices, administrators can more thoroughly analyze current data usage, and keep their organizations safe and compliant.