"Organisations must adapt towards how #GenMobile employees use their devices. Security must look at the devices and enforce the appropriate policies accordingly from the networks' edge and through data and threat protection. It is no longer safe to assume that perimeter protection is enough, as devices are able to connect from anywhere. At the same time, security policies need to be simple and transparent to the employee, and must not be of any inconvenience or hindrance for the user," he added.
To protect corporate sensitive data, businesses first need to recognise that a variety of non-technological factors play in to security threat. It is now shown that demographic, industry and geography have a huge role in security threat, so this added context should be a factor when determining how they should protect their enterprise data.
From a security strategy perspective, Aruba recommends five key technology factors:
1. Build a plan that covers policies based on roles, devices, location and other attributes
2. Implement enforcement rules that extend from devices to the network to actual traffic inspection - MDM to policy to firewalls and IPS
3. Measure user behavior and adapt policies to map to business objectives - for instance, sales people may be less likely to use pin codes, but they connect from remote locations the most.
4. Train users on why you're implementing policies and how users can help
5. Listen to your users and implement automated workflows and security protection as needed
Sign up for CIO Asia eNewsletters.