Keys to a Secure Mobile Enterprise
An enterprise-class mobile solution will have many key security features to reduce the risk of sensitive data becoming exposed, or stolen from a device.
25 July 2014
The mobile cloud promises faster time to market, increased business productivity, and reduced costs — but it also presents serious challenges. If you don’t use the cloud safely, you risk letting hackers gain access to sensitive corporate data.
Mobile application security is a pressing issue facing CIOs and information security professionals. In today’s enterprise, employees could be working in the office, remotely, and on-the-go, across a variety of different devices, channels and tools. Information technology managers need a mobile solution they can trust to maintain complete business visibility and control, while still allowing their employees freedom to share information at will.
Such a mobile solution should be easy to use, simple to provision, and straightforward to deploy to satisfy end user needs. To protect your content and keep your employees productive on-the-go, you must balance security and adaptability. With continuously evolving data regulations and stringent governing requirements, maintaining security and data privacy over information stored on mobile devices becomes increasingly difficult.
If applications are poorly designed and managed, you risk leaving sensitive data exposed. With that said, mobile security cannot be an afterthought. Rather, it must be a major requirement throughout the entire development lifecycle — from planning to development, and from testing to release readiness.
The Data in the Devices
An enterprise-class mobile solution will encompass many key security features — ones that will reduce the risk of sensitive data becoming exposed, or stolen from a device. Mobile device security features should include:
- A personal four-digit passcode
- Automatic account locking after three incorrect password attempts
- A secure cache to store user files
- Automated file deletion from a mobile device’s memory when the user exits the app
- Device-level personal identification number codes
- The automated wiping of corporate data when timeouts are exceeded
Hardened App Security
Additionally, your mobile security application should have the following capabilities:
- Full audit tracking and audit compliance
- A block on saving, copying, or printing sensitive data
- Application-level encryption via an advanced AES-256 algorithm
- Multi-layer key management
- Support for a unique 256-bit-length encryption key, with master key protection
- Administrative controls that prohibit access to both the database and the application server (which is needed to access the master key)
- A standardized single-secret key exchange
- The ability to protect marked files without invoking a key exchange
- The ability to automatically generate keys at every endpoint
All in all, a secure mobile enterprise solution should balance the need to enhance your organization’s productivity — but all the while enabling security and control over the shared information.
Want to read more about our solution? You can learn more here at Intralinks Secure Mobile.
Britany DiCicco supports the enterprise product marketing team at Intralinks focusing on market analysis, positioning, messaging and go-to-market initiatives. Britany’s previous experience at Intralinks included analyst relations, competitive intelligence, and marketing. She graduated from Northeastern University with a degree in Economics.