This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
3. - When endpoint protection goes mobile: Read more in this section
- Enterprise BYOD has a mixed message for endpoint security
- Pairing risks and rewards for BYOD security
- Endpoint DLP: Five deployment tips
- Tools and Techniques for mobile endpoint security
- Is endpoint protection obsolete?
Explore other sections in this guide:
With the astonishing influx of smartphones and tablets into the enterprise, channel partners may find ripe opportunities in offering technology and management services to secure and manage the data flowing to these mobile endpoints.
Yet there are hurdles to overcome for channel partners. For one, while there are players in the ecosystem that offer pieces of the mobile endpoint security and management solution, many of these tools haven’t been battle-tested by the enterprise.
Furthermore, there are huge technical and legal challenges that have yet to be overcome when it comes to addressing enterprise data protection on personal and corporate mobile devices.
“How do you segment control for data on the device and how do you manage it without impinging on the employee’s right to privacy,” says Ted Julian, principal analyst at Yankee Group.
In fact, both in-house IT staff and channel partners are wrestling with balancing the needs of the employee with the need for endpoint protection.
Major concerns in mobile endpoint security
According to Ojas Rege, vice president of products at MobileIron, the three most vital issues in mobile endpoint security are:
- User expectation for full-use (business and personal) of the device: Expect employee push-back if companies impose a lock down feature.
- The prevalence of compromised devices and data: What if an employee attempts to jailbreak a smartphone or download an app that asks for inappropriate info?
- The balance between privacy and security (on employee-owned devices): Rege notes that more than 50% of smartphones and tablets brought into the enterprise are employee owned.
Tools of a mobile endpoint security practice
With businesses being forced to deal with what’s being called the consumerization of IT, including the CEO who wants to use a smartphone or iPad to do his or her job, IT is scrambling with:
- Insuring strong authentication, malware and antivirus protection is in place.
- Insuring against attacks and lost or stolen data.
- Balancing deployment of strong security that’s still simple for the end user as well as for IT to manage.
- Setting consistent policies.
- Adhering to regulatory requirements and having the ability to report on them.
There are a number of vendors providing products to help with device management and security.
For endpoint protection, i.e. finding, retrieving or wiping a mobile device, malware and antivirus protection and encryption products are broadly available from vendors such as Checkpoint Software Technologies, Juniper Networks, Kapersky Lab, LANdesk Software, McAfee and Symantec, to name a handful.
When multiple operating systems complicate endpoint management
But using these tools can get tricky considering the ever growing number of operating systems (OSs) running on these endpoint devices.
“Users have devices with a variety of operating systems and versions, all of which are managed differently with some platforms having more capabilities than others,” says Doug Field, senior mobility architect at Enterprise Mobile, a channel partner providing enterprise customers mobile solution deployment, management and support, located in Watertown, Mass. What's more, in a fast moving marketplace with new enhancements and upgrades being introduced often, things get even more complex.
MobileIron offers advanced mobile device management that combines traditional mobile device management capabilities with advanced data visibility and control.
That visibility and management can only be accomplished to a certain degree, says Tesar. MobileIron creates hooks into as many of the varied mobile device OSs as possible.
When it comes to using Network Access Control (NAC) for mobile device management, it can be used for authentication and to identify access. However, when using NAC for remediation, “You hit a cliff of what’s really out there given the disparity of OS protocols and apps,” he adds.
For strategic security consulting around mobility, channel partners are looking at an emerging opportunity that industry players agree will only get bigger.
“Customers are dealing with pain, they don’t understand best practices or the available options when it comes to mobile endpoint device management and security,” says Greg Maudsely, director of product marketing, Pulse Business Unit at Juniper Networks. “The channel partner willing to get the expertise in this area will become the trusted advisor to these companies,” he adds.