Keeping a Lookout on access via mobile to the enterprise: your choices
As part of our on-going series of articles that focus on enabling security on smartphones & mobile devices, we’ve looked, for example, at some of the best ways organizations can protect themselves against cyberattacks coming in, aimed directly at employees.
There are a few approaches, the most obvious being protecting those smart devices we all carry around, specifically. Mobile endpoint management layers can be highly effective, but like any cybersecurity measure, these are best used in combination with other methods, like single sign-on and multi-factor authentication.
As a guide for organizations working their way through this complicated scenario, it might be useful to learn how one large company is protecting itself by protecting its employees’ mobile devices.
Schneider Electric is a large, global energy management and automation system vendor with a long history in engineering and industry. From its roots in 19th century France, it now employees over 170,000 people, all of whom (it’s safe to assume), prefer to bring their smartphones to work.
Additionally, the company has also issued about 50,000 mobile devices to staff. Before we look at the how of the company protecting itself, it’s worth considering the why.
Not just phishing
Like any company, Schneider Electric wants to protect its intellectual property and its reputation, both of which it stands to lose in the event of a significant data breach.
But like every European company, and any company that has even a single European customer (that is, probably every company on the planet, of any significant size), it also needs to observe the transnational data governance rules of GDPR.
Further afield, it will also be keen to adhere to Singapore’s rules & regulations, Australia’s latest legislation concerning openness with regards reporting data breaches, and Californian consumer-focused legislation that protects individuals’ data, too.
So as well as wanting to safeguard mobile endpoints and their users, there’s also a significant requirement to remain compliant. And a big part of being compliant is proving to various auditing bodies (should they ask) that the procedures and processes are in place that keep data safe, proactively.
Multipart security for multipart threats
Covering off the protection of company data and proving compliance requires several solutions working together. That was Schneider Electric’s approach, deploying Lookout Mobile Endpoint Security alongside the larger organization’s SIEM (security information and event management) and EMM (enterprise mobility management) systems.
The company’s Global Head of Office 365 Services and Enterprise Mobility, Simon Hardy-Bistagne decided that access to corporate data would be protected with MTD (mobile threat detection), so no unauthorized users would be able to work with the significant online resources of the large global company.
Like many organizations, the day-to-day work of many of its employees is done on the Office 365 platform. Via this portal, employees get access to, and work on documents and media of varying sensitivity, with the suite also allowing real-time communications, chat and the wherewithal to work collaboratively.
Protecting access to Office 365, therefore, was a cornerstone of protecting the larger enterprise from cyber incursion, and also to adhere to (and be seen to be adhering to) data protection legislation.
“Lookout is a well-known company in mobile security, with more than 170 million devices already observed. We also found it to be the most mature solution throughout our entire evaluation, so we felt confident in our decision to go with the market leader,” Hardy-Bistagne said, speaking of Lookout.
With Schneider Electric’s enterprise mobility management platform pushing a small agent to mobile devices to ensure each isn’t infected or compromised, and the Lookout Mobile Endpoint Security solution’s AI-backed protective algorithms (and access to the world’s biggest cyber threat database), Schneider Electric currently protects around 50,000 COPE devices (company owned, personally enabled) in daily use, all over the globe, by its employees. The same template for protection is in the process of being applied to a further 25,000 devices used in the workplace on a BYOD basis.
Because every organization today operates in what might be termed a “post-perimeter” environment, the multiple defence tool approach for mobile endpoints, individual user, fixed assets and “traditional” LANs is the only way to effectively protect the reputation, intellectual property and legal standing of the business.
Of the vendors out there capable of playing a pro-active role in mobile protection, we’d recommend Lookout. The company’s well-balanced approach is capable of either taking a proactive role among other, legacy security tools or being regarded as a specialist supplier capable of a broader remit.
To learn more about the Lookout portfolio, and how any organization can be helped to protect itself in this mobile-first world, get in touch with a local representative.