Today’s mobile workforce demands instant, ubiquitous access to information. Gone are the days when IT teams can restrict access to sensitive information based on physical presence in an office. The challenge today is enabling anytime, anywhere access to information without compromising on security considerations.

At the RSA Conference 2018 in San Francisco last month, mobile security was a major topic of conversation. Organizations are looking for ways to enable more effective authentication of users and secure BYOD devices. Fortunately, mobile authentication and security solutions provide the ability to actually strengthen security while enabling mobile access.

Authentication Beyond Passwords

The era of the password is drawing to an end. While we’ve relied on secret pieces of information to safeguard our access to information and systems for decades, it’s clear that password security is no longer adequate to protect against increasingly sophisticated attacks. We’ve witnessed a series of major security breaches that relied on a simple technique — using social engineering to steal a legitimate user’s password and then employing that password to compromise a network.

The threat of password theft is only growing. In 2017, security researchers discovered 1.4 billion stolen username and password combinations on the Dark Web. The 2018 Verizon Data Breach Investigations Report rated the use of stolen credentials as the number one cause of data breaches.

Fortunately, we already have a strong technical solution to this problem: multifactor authentication. Organizations can couple a knowledge-based authentication technique with either biometric or token-based approaches to provide a much higher degree of confidence in a user’s identity. Biometric approaches use facial recognition, fingerprints, voice analysis and other physical characteristics to verify a user’s identity. Token-based approaches use a physical object carried by the user to confirm identity. The most common token-based approach today is the use of smartphone apps that ask the user to confirm login requests. Some organizations now allow users to select the most appealing multifactor technique from a menu of available options, improving user satisfaction.

Securing Devices in a BYOD World

In addition to providing strong confirmation of user identity, IT teams should also carefully consider the devices used to store and process sensitive corporate information. In the era of BYOD policies, users want a single device for both business and personal use. Corporate IT teams find themselves charged with the task of ensuring that this access occurs in a secure manner.

Mobile device management (MDM) solutions provide enterprise IT teams with a way to simultaneously manage both enterprise and personally owned devices throughout the organization. Administrators may use MDM to enforce security configuration policies, perform remote wiping of lost or stolen devices and promptly apply security updates. MDM provides organizations with the assurance that all devices handling sensitive information meet the organization’s minimum security baseline.

Security technology continues to evolve to meet the changing needs of the mobile workforce. Multifactor authentication, mobile device management and other security solutions allow IT teams to empower mobile users while increasing enterprise security.

Learn more about how CDW can help you take advantage of the latest security solutions and services from RSA.

This blog post brought to you by:

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>