Maintaining Data Security in a Mobile Age
When thinking about security for a mobile device, it’s best to think of your device as a home. If you have one lock on the front door of your home, you have some security. But if you have two or three locks, you’ve decreased your chance of a break-in dramatically.
In today’s information age, where data is increasingly being sent through mobile devices, security is more important than ever before. And as more companies begin to tackle Enterprise Mobile Management, more are opting for the mobile equivalent of a double-lock system. Few companies that handle sensitive information today want a single sign-on format to protect their mobile devices – that is a single, username and password system for their workers to get onto their applications.
Two-factor identification system
Today it’s more common to have a two-factor identification system. For instance, a device can be set up so that after the user has typed in a username and password, a second console appears that asks for a second password. If the user trying to log on is, in fact, an authorized person, that password will be available to them on what’s called a “soft token” program that’s been installed on their device. The password would be random and only applicable for a couple minutes.
Yes, it’s complicated, but it would prevent a hacker from accessing an application with a stolen username and password and that’s the most important thing.
Disable single sign-on
While a two-factor identification system provides strong security, companies that want to be even more cautious can take the extra step of disabling the single sign-on option for their mobile devices. This solution involves programming devices so that every time a user wants to access company information inside a data centre, they are forced to enter their username and password. The username and password then becomes something that has to be entered consistently throughout the day.
To understand why this option is so beneficial, all you have to do is think of the last time you saw a mobile device left unattended in an office or public space. In this case, the owner may have already logged on, meaning a thief wouldn’t even need the username and password to steal information. Once they pick up the device they have access to all kinds of information. By disabling the single sign-on function, you are essentially ensuring your information is protected if your already-logged-onto device suddenly goes missing.
The two-factor identification system, or a disabled single sign on system – or better yet both – are recommended because it’s so easy for a mobile device to be lost in a public place. If you represent a company that handles sensitive information – banking information, credit card information or health records to name a few examples – it is something you should seriously consider.