Blog Posts Process Management

How to manage enterprise mobility and data security risks

Blog: Professional advantage - BPM blog

No one wants to be in the firing line when their business makes headlines for the wrong reasons. Similarly, few employees would enjoy explaining to their boss that they accidentally handed over sensitive data to a competitor. Organisations don’t like it when these things happen any more than employees do. That’s why most have data security measures to stop information ending up in the wrong hands.

But as cyber threats become more frequent and severe, many organisations aren’t doing enough to protect themselves. Over 70 per cent of cyber threats target end users, and the easiest way into a network is usually through an unsecured device like a smartphone.

So what can organisations to do stay protected? You need to understand each of the risk areas and adopt a layered security approach to address them.

Let’s break this down.

Here are my top tips for keeping your data safe and defending your business.


  1. Protect your information from unauthorised access

Rights Management protects corporate documents by allowing secure access to company resources and enables the safe sharing of documents when they are circulated.

This means that your valuable corporate information is protected with capabilities such as Do Not Forward and Company Confidential, as well as Office 365 Message Encryption, which allows you send encrypted emails to anyone.

This works across multiple workloads such as Exchange, SharePoint and Office documents, and it makes it easier to set restrictions and provide permissions. This first step is the most important, and can be the easiest way to secure documents and emails and manage security risks in your mobility plans.


  1. Specify an IT mobility security policy and enforce it and use a tool to ensure that devices that access data are secure

The good news is that simple security devices such as keypad locks are often very effective. Given this fact, you’d be surprised by the number of organisations that don’t make keypad locks mandatory for mobile network access.

Set your email policies so that all devices must have locks (i.e. secure passwords, patterns, pins or Touch ID, or even cooler, Windows Hello using facial recognition to sign in to your Windows 10 devices with just a look or a touch) before they are granted access to your network. This will protect you, but it doesn’t offer total protection. it can be less effective on jail-broken IOS devices or rooted Android devices.

If you’re serious about mobility and security, I recommend an enterprise mobility solution. These solutions build data protection directly into mobile applications.

When reviewing enterprise mobility solutions, you should look for one that is compatible with a wide variety of common devices, operating systems, and applications.

Other must-have functionality includes the ability to target specific devices and to remove devices from the system quickly.

It’s important to have a mobility solution that integrates data protection and compliance capabilities and minimises complexity.

Features that support this include:

These solutions enable workers to access mobile applications from any device while restricting actions that could compromise security, like copy and pasting, saving and printing.

Workers require permissions to access corporate resources and you can control who is enabled to view and email sensitive material.

So what happens if a device is unenrolled, no longer compliant, lost or stolen? IT administrators have the freedom to lock devices, reset passwords, restrict file access, encrypt data or do a selective wipe of an app or data or even a full wipe.

These capabilities provide an invaluable layer of security, minimise risk and maximise the benefits of mobility. Read more about EMS here.


  1. Use two-factor authentication

An authentication factor is a type of credential used for identity verification. The three most common categories are often described as something you know, like a password, something you have, like an NFC card, and something you are, like biometric data.

Two-factor authentication is when a website or network requires two categories of authentication (ie a password, an SMS, OTP (one time password), phone call or YubiKey) or two instances of the same category (ie two passwords) before it lets you sign in. Each additional authentication factor makes a system more secure.

This can be used to prevent authorised access if a device is lost, and is usually used for remote access.

The downside of two-factor authentication is that you trade added security for a less streamlined user experience. It is not that easy to use a card and then type in a password to access content or to have to type in two passwords. However, the most secure computer is one that is turned off and locked in a safe. While it’s secure it isn’t practical. It is important to implement 2FA where practical.

To minimise streamline issues, you should sort your data into two categories:


  1. Encrypt data on company laptops

Trusted Platform Module from Microsoft is something that has been available, and yet I don’t see it implemented very often.It involves a microchip (often built into newer computers) that enables your computer to utilise advanced security features, such as BitLocker Drive Encryption.

The platform can:


  1. Set aside time for employees to update device software and ‘mind the gap’…

While technology plays a large role in successfully implementing an enterprise mobility solution, there is an important human component as well. Workers at every level need education about safe mobile device usage and on how to secure their devices. It’s important they are given time to do this.

Software updates include important security patches, but how often are you tempted to ignore them when other tasks seem more pressing?

Software updates can take some time to install, but it’s worth making the time if it means keeping your devices secure. Everyone in a business is responsible for implementing mobile device security policies, from the very top all the way down.


The risks and challenges of enterprise mobility may seem daunting. Tackling these challenges in a systematic way and with the help of an integrated solution enables the agility, energy and innovation of mobility without compromising the integrity and security of business.


Discover how easy Office 365’s Enterprise Mobility solutions can be integrated into your business Today. Register for one of our Office 365 Up Close and Personal events.

You can also read more about Professional Advantage and Office 365 here.

Need an answer about Office 365?

Thank you for your enquiry. We’ll be in touch shortly.
Send us another message

The post How to manage enterprise mobility and data security risks appeared first on

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples