Many still work from home and that will not change completely after the pandemic. In order for this to work smoothly, the IT department has to activate additional devices, use applications such as Zoom and provide secure connections to local and cloud services without endangering general data security. Here are eight ways IT can successfully implement secure teleworking for the workforce.
Smooth activation and OTA provision for every device
The first step is to register new users and/or mobile devices in a Unified Endpoint Management (UEM) platform. This enables companies to enroll both BYOD and company-owned devices running iOS, Android, macOS or Windows 10. With services such as Apple Business Manager or Android Enterprise Enrollment, the IT department can adapt the onboarding process and thus make registration easy and smooth for users.
Configure consistent security policies for all devices
Companies then have to configure all newly registered devices according to the data security guidelines. To do this, the device status should be checked before login, and the device should be protected against threats at the device, application and network level. It is helpful if the solution used can also enforce compliance with guidelines such as the use of passcodes and hard disk encryption.
Secure networking for applications in the LAN and in the cloud
At the time of registration, companies can provide a variety of network settings and profiles for WLAN, application-specific VPNs or device-wide VPNs. This is critical to protecting data in transit and allowing users to securely connect to the intranet, to services behind firewalls, and even to cloud applications. Reliable VPN tunnels ensure that company data is protected at all times, but at the same time enable smooth access to company resources.
Secure email services, PIM and browsers
With remote access, employees need secure access to e-mail, calendars, contacts and secure browsers on their devices. Both native and cloud-based productivity applications should be remotely configurable and secure. Ideally, they can be easily integrated into Office 365 or G Suite.
Apps for video conferencing, collaboration, and other business applications
Many companies also have to provide communication and collaboration applications such as Zoom and Slack for employees who work from home. With a UEM, these applications can be installed and configured in the background so that employees do not have to take care of the installation themselves. It is a great advantage to have a catalog of enterprise applications so that employees can find the right tools quickly and do not download fake and potentially dangerous versions of popular applications.
Efficient tools for remote support relieve IT help desks
For many employees, working in the home office is still uncharted territory and the IT help desk is the first point of contact when problems arise. An efficient application for sharing screens remotely, which users must agree to in advance, is recommended for support. In this way, the help desk can efficiently identify, diagnose and correct technical obstacles.
Passwordless MFA for secure user authentication
Hackers are taking advantage of the chaos in the current home office boom. Many companies are reporting an increase in phishing attacks and, in fact, stolen passwords are still the leading cause of data theft; this was confirmed again by MobileIron's latest "Trouble at the Top" study. Passwordless multi-factor authentication and user authentication via registered mobile devices can protect against this. Combined with a UEM platform, such solutions enable secure access so that only authorized and compliant users, devices and applications can connect to company services.
Withdrawal of access rights for security-critical devices
With a suitable UEM, a central console is also available through which IT can display all managed devices and record critical information such as operating system versions, application versions, etc. In this way, devices running potentially at-risk software can be identified and then placed in quarantine. Instructions can be sent to affected users on how to restore their devices to compliance. If a device needs to be taken out of service, IT can remotely initiate the deregistration. IT can also selectively wipe devices, removing only corporate data and applications while all private data is retained. This goes a long way towards protecting user privacy while reducing corporate liability when adopting BYOD programs.
More on this at Mobileiron.com
About MobileIron
MobileIron is redefining enterprise security with the industry's first mobile-centric Zero Trust platform built on Unified Endpoint Management (UEM) to secure unlimited data access and protection across the enterprise. Zero Trust assumes that cybercriminals are already on the network and secure access is governed by a “never trust, always verify” approach. MobileIron goes beyond identity management and gateway approaches by using a richer set of attributes before granting access. A mobile-centric zero-trust approach validates the device, establishes user context, checks application authorization, verifies the network, and detects and remediates threats before secure access is granted to a device or user.
The MobileIron security platform is built on the foundation of the award-winning and industry-leading Unified Endpoint Management (UEM) capabilities with additional zero-trust enabling technologies, including zero sign-on (ZSO), multi-factor authentication (MFA) and mobile threat defense (MTD). Over 19,000 customers, including the world's largest financial institutions, intelligence services, and other highly regulated companies, have chosen MobileIron to provide a seamless and secure user experience by ensuring that only authorized users, devices, applications, and services can access corporate resources.