Mobile strategy needs to catch up with adoption

Most businesses see mobility as a key driver of agility, effectiveness and efficiency, but have yet to formulate long-term strategic plans.

Most businesses see mobility as a key driver of agility, effectiveness and efficiency, but have yet to formulate long-term strategic plans in this area, according to a global survey.

Symantec's 2012 State of Mobility Survey suggests that 71% of firms overall and 63% in the UK are discussing deploying custom mobile applications.

The supplier surveyed more than 6,000 organisations in 43 countries to establish the state of mobile computing to enable businesses to understand the risks and make informed decisions.

The survey found that globally one-third of respondents are implementing or have already implemented custom mobile applications and 49% of UK organisations are running mobile line-of-business apps.

A further 60% are looking at mobilising business applications, 72% are starting to develop their own corporate applications and 66% thinking about developing their own corporate app stores.

Despite this adoption, 48% of survey respondents said that mobility is "somewhat to extremely challenging" and 41% identified mobile devices as one of their top three IT risks.

Most businesses see mobility as a great opportunity, but there are clear risks that go with that, said Greg Day, security chief technology officer in Europe and director of security strategy at Symantec.

"The survey highlights that businesses are getting a stronger grasp of risks and what they should be doing about them," he said.

But what most businesses need to do now, said Day, is to develop a long-term strategy for enabling mobility in the business across all departments, applications, devices and mobile platforms.

Until now, most mobile implementations have tended to be tactical rather than strategic and department by department rather than enterprise-wide, he said.

"Businesses need something that is more unified and standardised across the business that sets out clear policies on appropriate usage, device ownership, mobile platforms and provisioning," said Day.

Symantec's Recommendations:

  • Think strategically:  Build a realistic assessment of the ultimate scale of the mobile business plan and its impact on company infrastructure. Think beyond e-mail. Explore all the mobile opportunities that can be introduced and understand the risks and threats that need to be mitigated. Take a cross-functional approach to securing sensitive data wherever it ends up.
  • Manage efficiently: Mobile devices are legitimate endpoints that require the same attention given to traditional PCs. Many of the processes, policies, education and technologies that are used for desktops and laptops are also applicable to mobile platforms. So the management of mobile devices should be integrated into the overall IT management framework.
  • Enforce appropriately: As more employees connect their personal devices to the corporate network, organisations need to modify their acceptable usage policies to accommodate both corporate-owned and personally-owned devices. Management and security controls will need to differ based on ownership of the device and the associated controls that the organisation requires. Employees will continue to add devices to the corporate network to make their jobs more efficient and enjoyable so organisations must plan for this legally, operationally and culturally.
  • Secure comprehensively: Look beyond basic password, wipe and application blocking policies. Focus on the information and where it is viewed, transmitted and stored. Integrating with existing data loss prevention, encryption and authentication policies will ensure consistent corporate and regulatory compliance.

Read more on Mobile networking