Cloud Security & Management for Your Customers’ Mobile Strategy
“Work is no longer a destination, it’s an activity,” declared IT industry executive Robert Frankenberg in 2015 — and his statement has never been more true. Today, more users are getting more done on mobile devices than ever before. We live in a world where a plethora of business smartphones and tablets are commonly connected to corporate networks, enabling employees to easily access applications and data anywhere. Although the mobile movements allows greater productivty and collaboration in the workplace, it also creates challenges around security.
IT’s mobile device management challenge
It all happened so quickly. Mobile devices for business arose quickly, grew quickly and became a complex information technology (IT) management challenge quickly. On-premise management and security systems have also become overburdened by the effort to connect to so many devices in so many ways. IT managers who had finally conquered server sprawl through virtualization and consolidation now find themselves faced with management platform sprawl. The bottom line is that mobility creates a need for greater security protocol around connected devices.
According to a Clutch.co survey conducted in December 2015, 31% of recipients believed that security was the primary problem they encountered with cloud infrastructure use. As cloud has continued to grow, cybercriminals have also become more advanced. This brings security to the center of cloud-based solutions for service providers.
Microsoft Cloud Solution Provider (CSP) solutions
Microsoft’s Enterprise Mobility + Security (EMS) enables Cloud Solution Providers (CSPs) to deliver comprehensive management and security to customer networks that include both mobile and on-premise segments.
This is especially important for CSPs whose focus and specialties lie elsewhere. Data, network management and security are paramount for literally every organization that uses IT. Thanks to the availability of EMS, even CSPs who do not specialize in management are able to offer clients complete solutions to run their applications and workloads with confidence and peace of mind knowing that every user is protected wherever they may be.
What needs to be protected?
When discussing EMS with customers, it helps to point out that there are three basic components of the IT environment that the software protects: the user, the device and the data. When the entire network and users were all on premises, there was a fairly straightforward understanding of what needed to be guarded at all times. Inclusion of cloud services connecting on-premise and mobile users hasn’t changed the notion that sensitive information needs to be encrypted and monitored for security purposes; but, it has changed the approach that must be taken to do so.
- The user’s identity
Given that mobile devices are vulnerable to theft or loss, even the most trustworthy users may inadvertently allow unauthorized access to corporate resources. The first line of defense against this is to authenticate the identity of the user. With strong multi-factor authentication, mobile devices found or stolen by outsiders are rendered useless for corporate network access.
User password protection has been a challenge for mobile users who want their devices to be easy and convenient to use — entering passwords is the exact opposite of that. Single Sign-On reduces the number of passwords a user has to remember, and the number of times they need to enter them. Multi-Factor Authentication also strengthens the protection of the user’s identity.
Additionally, Microsoft Azure Active Directory, combined with Active Directory on the on-premise network, provides a seamless environment in which users can access applications and resources from wherever they are being run without need for multiple IDs and passwords.
- The client's device
Especially in an age where it’s common to have a Bring Your Own Device policy at work, IT managers are faced with the need to manage multiple operating system platforms. Ideally, these managers would like to achieve universal control from a single management platform.
EMS manages and secures all popular operating systems including Windows, Apple iOS, Android and more.
Protecting devices must also include protecting the network that they connect to. Beyond user authentication, network access control examines the actual device to make sure it qualifies to connect.
- The data
In the end, it’s all about the data. Data is the high-value asset that every part of an IT environment is built to support. During transmission from device to server, or at rest in cloud storage, sensitive data must constantly be protected from corruption or theft. Especially in multi-tenant cloud environments where several different organizations share separate virtual machines (VM) hosted on the same physical server, data encryption is a must to assure that anyone inappropriately accessing the information ends up with useless gibberish.
Including the user, their device and the data as part of the entire environment will help your customers understand and appreciate the value of including EMS in their cloud solutions.