All eyes are on mobile: users, devices, data and business processes. While companies still struggle to adapt, CIOs are looking beyond just mobile devices. They're looking for an approach to enable better productivity for users by letting them access their data and apps across any device while remaining secure. Symantec presents "The Mobility Challenge – Optimizing Mobile Devices, Protecting Your Information and Providing a Great User Experience.” (MobileCON 2013 - CIO Summit)
2. Trends Impacting Mobility
New Platforms,
New Devices
An App Centric
World
Data is
Everywhere
User Experience
is Paramount
High Speed Networks Increasing (LTE)
2
4. Innovators Blazing the Path
Innovators are achieving revenue objectives...84% of
innovators pursue mobility by business drivers.
66% of innovators say mobility benefits outweigh
mobility risks.
- Symantec’s 2013 State of Mobility Survey
4
8. Problem: Malware
28%
Collect Data
What Mobile
Malware
Does With
Your Phone
25%
24%
Track
User
Send
Content
67% of enterprises
are concerned with
malware attacks
spreading from
mobile devices to
internal networks
- Symantec 2012
State of Mobility Survey
16%
Traditional
Threats
7%
Change
Settings
8
13. Seamless Coexistence
of Corporate and Personal
Allow Personal Devices
Access to Corporate Information, Securely
Auto-configuration of Settings Like Wi-Fi, VPN
Lock and Wipe Specific Corporate Data Only
Privacy-Addressed
No Device Level Controls
No Monitoring of Device Apps or Data
Focus on Corporate Data and Apps Versus Entire Device
Personal Apps
Personal Data
Corporate Apps
Per-App Policies
Travel
Expense
iDoc
Pinpoint Revocation
1
17. Implementing a Mobility Strategy
Plan for Multiple Use Cases
Provide Device Choice
Design Policies to Protect Data
Support Native User Experience
Single Point of Control
1
18. Comprehensive Mobility
User & App
Access
App & Data
Protection
Device
Management
Threat
Protection
Secure File
Sharing
1
With a comprehensive mobile protection strategy you can have the best of both worlds. Get the benefits, prevent the risks. --In a recent survey, we got a lot of great data and then we broke the participants into categories based on their attitudes towards adopting new technology and related risk.The more innovative category is companies that are early adopters of new technology whereas the traditional category is those who are more reactive to changes and resistant and take longer to adopting new technology. What we learned was that the more innovative companies who are adopting new technology like mobile are achieving benefits just by allowing mobile to be used.However, at the same time mobility can expose you to some additional risks like data loss. However, mobility has great advantages, even with the losses. But today, those losses can be avoided.Most organizations are only allowing email on mobile devices. Imagine the benefits that mobility can provide when fully embraced. So why not get the benefits of mobility by leveraging the latest protection technology to avoid the risks. With a comprehensive mobile protection strategy you can have the best of both worlds. Get the benefits, prevent the risks. ------Back ground Detail about the study (Don’t present verbatim) The organizations surveyed fell into two broad categories: Traditional organizations and Innovator organizations.* Perhaps the highest-level difference between innovators and traditionals is how they view change: Innovators see change as an opportunity, while traditionals view change as a risk.As such, innovators welcome change and are early adopters of new technology. Given their view of change, they often seek out or even create change, as they believe this will create opportunities for the organizations.Not so with traditionals, who will only change after a lengthy study of a new situation. They are late adopters of new technology and value time-honored practices over bold, innovative action. They are more reactive than proactive, change only if necessary.Nor surprisingly, innovators and traditionals approach mobility very differently …Focus more on the message that mobility has great advantages, even with the losses. But today, those losses can be avoided__________________________________________*To determine whether a company was an “Innovator” or a “Traditional,” we asked them a series of 5 questions, where they rated themselves on a scale of 0 to 10, with 0 being the most traditional (conservative), and 10 being the most innovative (leading edge): Survey questions were:When faced with change, is your company conservative or bold?When faced with a new technology, which best describes your company’s initial reaction?Where does your company typically fall on the adoption curve?Is your company proactive or reactive?Is your company traditional or innovative? We then split the companies into three equally sized “tiers,” based on their average scores for these questions. The bottom (or lowest-scoring) tier was labeled “Traditionals,” while the top (or highest-scoring) tier was labeled “Innovators.”Where are you in your blend of new technology and related risk?In our experience, here’s what separates innovative companies from pack? Innovative companies are looking beyond MDMOf course, early adoption does come at a cost. When asked about mobility mishaps (lost phones, security breaches, etc.) innovators had more than twice as many incidents in the past 12 months and experienced more losses … the top three being:Lost productivityDirect financial costs (money or goods)Loss of organizational, customer or employee dataYou can have the best of both worlds…experience benefits and prevent against incidents.Source: $136 cost/record =Ponemon Institute 2013 Cost of Data Breach Study: Global Analysishttp://bit.ly/10FjDik At the… By leveraging…
If you’ve spent any time considering the extent of your mobility program and the things that need to be thought through, you start to get a real sense for just how complex implementing it can be. The ultimate paradox is that something which can be so simple and useful for the users is so inherently complex for IT.We’re dealing with myriads of device types and multiple versions of multiple platforms. That’s a BYOD problem AND a Mobile First problem. We’re dealing with applications that have no inherent security model or an internal security model that doesn’t control interaction with the OS and apps……And I’d be remiss if I didn’t acknowledge the fact that “mobility” is not just about managing employee engagement. The broader mobile program engages consumers, business customers, and partners as well. It may even prescribe machine to machine interactions. It’s often subject to the designs that marketing has for it and IT may inherently assume some responsibility for external engagement in addition to internal.A good question is: What has the business asked of IT for mobility?An even better question is: Is mobility an IT project or is mobility a business initiative? [Guiding Principles] (Note that you’re not covering governance and policy controls here, only technical controls)Back to the context of employee engagement, there are a few *really* important principles to consider when implementing technical controls in a mobility strategy:The first driver should be the business. It’s not always, but it should be. Translated to mobility, what applications or processes are target-rich for deploying to the mobile OS?Apps to consider here are usually industry specific: things that help your industry to transact business……or perhaps line of business apps such as HR, CRM, or field service.Productivity apps, including approvals, time, and expense, are frequently targeted……and analytics, such as forecasts, dashboards, and KPIs.It’s likely that your apps will be a blend of internally developed and 3rd party apps. Licensing becomes a consideration just as it does in a desktop environment.A vital factor to consider is the user experience. The user experience is PARAMOUNT. Appealing and efficient applications can be a factor in employee satisfaction. Users don’t want to use what we like to call “crapplications”.You’ll need to decide whether a BYO or CYO program is right for your company or if mobile devices should be corporate-owned. Perhaps the best strategy is a blend.The notorious afterthought in mobility is data loss prevention. Perhaps it was because we believed there was always going to be an acceptable level of risk with a strategy that was MDM-centric. Now however, there are better methods of securing apps and data and we can prevent data loss.I talked about the user experience. Aside from the basic way the app UI works, it is also critical that we preserve the user experience while securing the apps and data. A key design tenet in securing mobility needs to be a requirement not to introduce any non-intuitive extra steps just for the sake of securing data. Security must be invisible. Mobility Without Vulnerability.Finally, part of what makes managing mobility complex is that the management tools are often segmented into different functions. It’s important to have all the functions within a common console, sure, but there needs to be a common management platform driving it too.