Mobile devices in the workplace are here to stay. Juniper Research estimates that a cool, casual one billion personally owned devices will be enrolled in BYOD programs by 2018. While many employees have used mobile devices at work for years, the shift to mobility is still an ongoing process.
One of the greatest challenges businesses are facing during this transition is security, which remains the Achilles’ heel of enterprise mobility. According to the 2016 BYOD and Mobile Security Report, one in five organizations suffered a mobile security breach, and 39 percent of businesses cite security concerns as the number one inhibitor to BYOD. Fortunately, the tide is finally starting to shift as businesses get smarter about their mobile security. These mobile security trends in 2016 are emerging to streamline adoption and unleash the full potential of a mobile-enabled workplace.
1. Smartphone authentication
It’s no secret that mobile devices can make businesses vulnerable. A report from NowSecure estimates that 24.7 percent of mobile apps include at least one high-risk security flaw, and 35 percent of communications sent by mobile devices are unencrypted. Diving deeper, business apps are three times more likely to leak login credentials than the average app.
While mobile devices can represent weaknesses, they can also be a useful tool in fixing them. Smartphones are nothing if not intimate devices, and in 2016, businesses are increasingly taking advantage of their authentication capabilities. For example, many smartphones today offer biometric authentication through fingerprint scanning, and enable two-factor authentication. Smartphones can also be used as a credential; when deployed properly, they can enhance—rather detract from—security.
“Consumerization of the Enterprise” is hardly a new meme, but it’s often referred to as tools, like workplace communication platforms, instead of security. The consumerization of these practices is a building trend in 2016.
Businesses (and the companies serving their security needs) are making their security protocols as user-friendly as possible because they realized that when the protocols are inconvenient, annoying, and confusing (or all of the above), employees don’t adhere to them as closely as they should. By creating streamlined, easy-to-use ways to manage digital identity and protect sensitive information, employers help ensure that best practices are followed.
3. Wearables and IoT
Mobility today doesn’t just encompass smartphones and tablets, but also wearables and IoT devices. Statista estimates that 22.9 billion connected “things” are in use worldwide in 2016. Corporations are increasingly adopting these devices across the board, from tracking assets and managing energy to monitoring employee safety and productivity. Adopting these additional points of connectivity also requires a companion adoption of security practices that unify activity across devices, while also keeping them protected—think biometrics and RFID tags.
4. Containerized BYOD solutions
According to Consumer Reports, 2.1 million people in the US in 2014 had their smartphones stolen. Considering how many people use their smartphones for work, this is a huge concern. If the phone is unprotected and falls into the wrong hands, an organization could be in trouble. As such, many employers are adopting containerized BYOD solutions to address the security risks that arise when employees work from their own devices.
Containerization solutions isolate business content in a separate workspace that can be removed from the device. This allows organizations to keep business content secure and allow employees to use their personal devices for work, without forcing them to maintain that same level of security when they’re on their phone for personal use. And—in the event that the phone falls into the wrong hands—business data and access points remain safe.
5. Robust BYOD policies
The early days of the BYOD movement were like the Wild West. There were few rules and enterprises and employees alike learned lessons the hard way. Robust BYOD policies are one of the biggest mobile security trends in 2016—organizations realize that policies can be as important as technology when implementing security measures.
A formal BYOD policy should involve a number of provisions. The first is to require passwords. This may seem obvious, but NowSecure estimates that 43 percent of mobile users don’t use a passcode, PIN, or pattern lock on their device. A BYOD policy not only needs to require passwords, but also strong password requirements, including minimum password lengths (at least three special character sets), and regular changes. In addition, more and more BYOD policies are including access controls based on login attempts, inactivity, and restrictions on reuse.
Mobility is somewhat old-hat for employees and office admins these days, but that doesn’t make the need for vigilant security practices any less pressing. The security landscape is constantly changing and businesses have to change along with it.