This resource is no longer available
Addressing Mobile Device Security and Management Requirements in the Enterprise
In late 2009, ESG conducted a research survey of 174 IT professionals in North America. Survey respondents worked at enterprise organizations with more than 1,000 employees. Based upon this research project, this paper concludes:
- Mobile devices have become mission critical. Organizations are spending more on—and doing more with—mobile devices each day. ESG’s data clearly indicates that most enterprises regard mobile devices as mission critical tools, not the latest consumer toys.
- Management and security lag behind. Mobile devices are making employees more productive from more places. This is encouraging large organizations to invest further in mobile devices and develop custom applications. Unfortunately, the data also indicates a growing mobile device security and management gap: mobile devices tend to be managed on an ad-hoc basis, increasing IT operations cost and complexity. Alarmingly, mobile devices remain relatively insecure even though they are used to access core applications and lots of sensitive data. These issues create a potential Faustian compromise in the future as greater productivity comes with a cost of IT operations fire drills and increasing security risk.
- CIOs must address management gaps to maximize mobile device benefits while minimizing the risks. Large organizations need to address mobile device security and management weaknesses. What’s needed? Sound policies, documented processes, integrated mobile device management and security tools, and constant oversight.
CIOs must establish a baseline of strong mobile device security as soon as possible. Why? Mobile devices represent the proverbial "weak link" in the security chain; therefore, poor mobile device security creates vulnerability for ALL critical systems on the corporate network. In other words, one compromised mobile device could lead to a major data breach. Furthermore, mobile device proliferation will only increase in the future—growing more complex, costly, and risky over time. Enterprise firms need to get their arms around mobile device security before they are buried by overwhelming cumbersome IT operations or burned by a costly security event.