For Northcentral University, an online, for-profit college based in Phoenix, going with a traditional security maker for mobile management capabilities was a no-brainer.
David Bridgman, information security manager/information security officer for Northcentral, says the university purchased Sophos Complete Security Suite about four years ago but hadn’t yet enabled the software’s mobile features.
“When we saw that Sophos had everything we needed, plus the mobile security, we decided to activate it because it was included in the licensing fee,” says Bridgman, who has worked for the university for about one year. “We were already paying for it.”
Bridgman says firing up the mobile security features within Sophos was as simple as provisioning a virtual server for the features to run on. Now, along with anti-virus, encryption and web filtering, Bridgman can remotely wipe devices and push out applications.
“We can also easily remove a person’s profile when he leaves without impacting the rest of the device,” Bridgman says. He notes that the functionality is ideal for bring-your-own-device initiatives, “especially at a university where there’s a lot of sensitivity to the IT department touching a user’s personal device.”
Chris Silva, a Gartner research director, says manufacturers such as Sophos have done a lot of work to tie together many of their security offerings. “When organizations go with an existing security vendor or adopt a bundled suite of mobile management tools, they may get preferential pricing or receive baseline MDM or mobile application management features at little or no cost,” he says.
Increase in the number of mobile malware samples found by McAfee Labs in the past year
SOURCE: McAfee Labs, “McAfee Labs Threats Report,” June 2014
Adjusting to Mobility
Jason Wearley, executive director for IT infrastructure services and support for Kent State University in Ohio, says the university takes a similar approach to mobile security tools.
Wearley says the Kent State IT staff uses the ActiveSync tools within Microsoft Office 365 to manage mobile devices for administrative staff and faculty, and uses the MDM tools within Google Apps for Education for the students.
However, Wearley sees a time where the university will need a more robust product. The IT department is strongly considering deploying the tools within McAfee’s Complete Endpoint Protection Enterprise as opposed to going with a point MDM solution. “McAfee has been a longtime partner in security with its endpoint encryption product, and we are interested in expanding that technology,” he adds.
Five Mobile Security Must-Do’s
Gartner Principal Research Analyst Dionisio Zumerle offers IT managers these tips for locking down mobile devices:
- Ask users to opt in to basic enterprise policies and be prepared to revoke access controls in the event of changes.
- Require that device passcodes include length and complexity as well as strict retry and timeout standards.
- Specify minimum and maximum versions of platforms and operating systems. Don’t allow models that cannot be updated or supported.
- Enforce a “no jailbreaking” rule and restrict the use of unapproved third-party app stores. Devices seeking privileged access should be disconnected from sources of business data and potentially wiped.
- Require signed apps and certificates for access to the organization’s email, virtual private networks and Wi-Fi.