We live in a time where a generation of workers has never plugged in a cable to get on the Internet. And while this mobile-first world has been great for productivity, it’s led to greater risk and challenges for the security team.
Today, security is so much more than just a firewall. As we saw in our recent webinar, co-hosted with Microsoft to discuss their new Enterprise Mobility + Security Suite, breaches are resulting from weak end-user passwords or error, as well as a lax attitude toward SaaS and third party “Shadow IT.” Add to that infrastructure complexity brought on by cloud and hybrid environments and everything you knew about security is changing.
How to build security for mobile-first?
There are a few major steps any enterprise can take to tackle mobile-first security issues without sacrificing productivity.
First, work on your “security posture.” Think about security in terms of three interconnected elements: Protect, Detect and Respond. You want to be able to protect your users, devices, and data. You must be able to detect when something fails. And then you have to be able to act quickly.
Second, as you are creating your security plan, start by breaking down the task into five distinct areas: Identity, Device, Apps, Data, and Infrastructure. This ensures you can act holistically in mitigating risk.
Third, understand what you can accomplish with investments you have already made into security and what gaps there are left to fill. In some cases, investments in such things as Azure and Office 365 already give you access to new security tools and solutions.
Finally, keep it simple. Mobility is all about getting work done in a way that pleases the end user. Anything that feels like it gets in the way will not be adopted.
How does Microsoft Enterprise + Security help?
There is certainly a lot to manage — which is why a wide-ranging solution such as Microsoft Enterprise + Security Suite (EMS) can be a powerful tool for maintaining the mobile-first enterprise.
As we saw on the webinar (watch for full details and detailed product overviews), EM+S has a solution designed specifically for each element of your security plan:
Identity Management in the Cloud: Azure Active Directory Premium is an identity and single-sign-on solution that brings simplicity and powerful capabilities to administrators and users alike. Support for over 2,500 third-party apps means employees need just one password to do their work. The solution also allows for scenarios such as shared applications (like a corporate Twitter account with multiple users) and control tools for managing access to specific users.
Mobile, Cloud App Management: Microsoft Cloud App Security gives you insight into what is going on with third-party apps and can do much to curb unwanted Shadow IT. It monitors the usage of thousands of third-party web applications and can help you alert users when risks arise. It’s completely agent-less too, so there is no impact on end users or their device.
Information Protection: Azure Information Protection protects data with classification and has some pretty amazing rights management tools. With it you can classify documents automatically (such as anything containing credit card numbers). And you can even monitor a document as it travels around the world — and hit a kill switch if it appears to be in the wrong hands.
Device Management: Microsoft Intune gives you traditional mobile device management (MDM) tools and has a couple of very useful BYOD-friendly features. One stand-out example is that it lets you manage just a subset of enterprise applications on non-enrolled, personal devices. So you can watch over how a user manages their Outlook App, but have nothing to do with their personal Facebook.
Infrastructure (On-premise) Security: Microsoft Advanced Threat Analytics (ATA) answers a very important need for enterprises with hybrid cloud and ongoing demands to protect on-premise infrastructure. One thing ATA does very well is to build an understanding of a user’s typical behaviors, or their “patterns.” Let’s say your user all of a sudden accesses his email from a country on the other side of the world, you will be notified — and you can address the problem in a matter of hours.
The modern challenges for security are complex. But the solution is deceptively simple. Consider building a holistic “security posture” to address all the moving parts. A solution such as EM+S is a great way to do so.