Mobility is the biggest threat to security if mobile security is not handled effectively and efficiently. This is obvious fallout of the Bring Your Own Device (BYOD) policies that are being adopted under pressure from employees.
The first challenge to mobile security is the existence of a variety of mobile devices that can connect to the enterprise network—iPads, iPhones, laptops etc. Each device has its own OS, hardware, management console, services, supporting applications and security systems. Does the enterprise have to device a separate security protocol for each type of device / OS? Is there an omnibus security system that can be put in place to take care of the security issues of any kind of mobile device that may connect to the network?
The second biggest challenge is the existence of a variety of third party applications on the mobile devices. These applications have their own strengths and vulnerabilities. Viruses, Trojans and other types of malware, adware can enter the network if the mobile user has not downloaded and installed specified patches or the application developer has not safeguarded the application against specific virus attacks.
The third challenge lies in the existence of personal data on the mobile devices. Mobile owners would certainly be uncomfortable with the idea that the enterprise can gain access to their personal data when they connect their device to the enterprise network. The individual will have to ensure that the personal data remains inaccessible over the network and the enterprise will have to isolate enterprise data from unauthorized users who may have access to the mobile device.
Small and medium enterprises adopting BYOD may approach the problem of mobile security using Microsoft ActiveSync. This application provides security at a very basic level. However, enterprise grade security will require the use of more sophisticated tools and technologies. The mobile security tool must provide the enterprise with a wide-range of security options that are driven by policy level inputs. The tool must have the ability to identify enterprise data based on source and isolate the data from being saved into personal channels on the mobile device. In other words, employee work space is distinguished from employee personal space while access to either space is elaborately protected. If the encryption protocol used is FIPS (Federal Information Processing standard) certified, the enterprise can rest easier.
So, check what kind of mobile security is being offered by your Cloud backup service provider with specific reference to mobile security. The security of your network may depend on it!