search

The First Step to Defence Grade Security and Visibility

blog image_receptionist

In our “3 Essential Tips for Managing Mobile in your Business”, we outlined 3 key areas where you need to gain control to effectively manage mobility. Our tips were:

  • Know what’s going on
  • Audit your costs and
  • Be App smart.

In fact, in our experience managing the large and small enterprise, these factors contribute to the biggest hidden mobility costs and risks within business.

Yet, it can seem impossible to keep up with the growth of mobility internally, especially when you’re juggling an already hectic workload.

So, how do you ensure you have the right users with:

  • The right device,
  • The right OS,
  • The right apps,
  • The right carrier plans
  • The right access, and all with defence-grade security for your workforce?

There are multiple steps to get you to defence-grade security and visibility.

What we mean by defence grade, is that all the safety measures, provided for the use of a smart device, meet the standards set for Defence, and other Federal government agencies such as ASD information security for example. This is complex, so we recommend that you begin with a comprehensive audit of your mobile environment today.

That first step is to accurately identify users and correctly attribute devices and carrier plans to them. While this may seem inconsequential, in our experience, even companies with as few as 50 employees begin to lose track of who has what device and on what carrier plan. Of course, this poses all kinds of risks, with security and cost topping the list.

In fact, in a recent audit we conducted on a customer with 800 services, we found 25% had not been used in the last 6 months, which is not uncommon. This equates to potential savings of $96,000 annually on a $40 plan. These unused services/devices also raise a number of important questions:

  • Where are these services/devices?
  • How are they being stored?
  • Who has access to them?
  • Why are they not accounted for?

Identify Base Users of Mobile Technology

Using a current list from the HR team coupled with the most up-to-date data from the IT team will allow you to create an initial view of mobile users and technology distributed throughout the business. It’s important to develop a single source of truth for the data and nominate a person responsible for its accuracy. This will be particularly valuable as you continue to grow.

 

Accurate Identity Management

Fully Identifying and auditing services, the devices and the users responsible for them, will require multiple data sources.  You will need the carrier bill file, the HR data base,  the asset register and a process for combining these sources into an accurate view of who has what.  This can be done through an end user interview, survey, SMS confirmations, etc. 

The important thing here is to audit the quality of the available data. You can’t have defence-grade security without complete visibility of your mobile technology, the users responsible for using it, and the unused services that leave you exposed.

 

Close security loopholes

Through a process of elimination, you will determine the unused services in the business.  Once you have a complete picture of all users, devices and services, the unused services become clear.  You then need to follow a process to disconnect those services, realise the savings from the exercise and close any exposure to your corporate network through unaccounted for services and devices.

 

Security and visibility of mobile users

There are multiple steps to achieving full security and visibility. This is the first step, and ensures you have a complete and accurate view of your mobile users, their devices and carrier plans.

The next steps involve using role-based workforce profiles. You need to allocate hardware, carrier plans, applications and network access based on each role's requirements with an EMM platform that provides the security specification you are looking for.

Part of this process involves developing policy, compliance rules and educating your workforce. Ultimately, this will help you to improve the employee experience while maintaining maximum security. More on that later.

 

Free download: Optimise your IT service delivery

Looking to improve the efficiency of your IT service delivery and enhance the user experience? Knowing and understanding your users is integral to the process. At imei, we've had years of experience with this process and have documented some of our top tips and success stories in our User Persona Profiles Whitepaper.

Whitepaper - User Persona Profiles

Topics: Security