The boom of mobility solutions has direct consequences on your organisation and access to your Information System: more and more employees use their personal or professional mobile devices (smartphones, tablets) to access their applications. A growing number of these applications are now available on mobile environments, which reflects a digital strategy that is unavoidable today. Coping with mobile devices has become a necessity. But is this really possible without controlling security?
‘New’ mobile uses… but well known issues…
Uses involving mobile devices within a company are multiple and diverse: access to the Information System "standard" applications from personal devices (BYOD – Bring Your Own Device) or devices provided by the company (COPE – Corporate Owned Personally Enabled), tablets shared between several co-workers (bank agencies, stores, wharehouses, healthcare establishments…), etc.
Nevertheless, these new uses generate the same issues as "standard" uses: multiple login/password pairs for users, lack of autonomy in password management (and renewal), no centralisation for strong authentication, access control and traceability, etc.
No exception for mobility in terms of security!
A new "front door" to the Information System has opened. It is essential to secure its access by integrating these new tools into all aspects of your global security policy (authentication, access control and traceability). This has to be achieved in accordance with user experience: single authentication (Single Sign-On) functionalities guarantee optimum ergonomics, which is the key for employees to adopt the solution.
Mobile uses cannot be an exception to security rules and must be integrated into the authentication, access control and SSO infrastructures which already exist in the Information System.
Should you wish to control uses such as BYOD, access control allows you to implement rules denying access to the Information System from certain types of devices.
The solution: Mobile SSO
Today, integrating mobile security functionalities into existing security solutions is essential. Mobile SSO allows you to extend to mobile device users the access scenarios used for your business applications, Web applications and mobile sites (authentication, SSO, Identity Federation). It strengthens authentication and audit processes and makes it easier to integrate them into your global security policy.
Read the Leroy Merlin Success Story