Secure Mobile App Connectivity for Remote Workers
Posted by Brian Bradley on Jun 9, 2020 10:00:00 AM
Business travelers and those who have traditionally worked from home have enjoyed the evolution of connecting via mobile apps for a while now. For some though, recent events may have just introduced them to the possibility of doing so. Let's take a closer look at some of these service types, and review ways to incorporate additional layers of security while connecting your newly remote corporate users to them.
- Public SaaS providers have productivity apps that allow users to manage documents, spreadsheets, and presentation files, plus email and calendar access.
- File sharing SaaS apps are plentiful and very useful for sharing large files.
- Collaboration apps allow video/voice/messaging and file sharing.
- ERP and CRM vendors offer plenty of commercial off-the-shelf (COTS) options for their respective end users.
- Remote desktop and browser desktop apps allow larger-screen mobile devices the same productivity as a BYOD laptop.
- Support desk and IT monitoring platforms can be accessed via apps.
- Let's not forget that mobile browsers allow access via web portals to a plethora of services, as well.
There are many more solutions available for unique industry needs that are not listed above.
Currently, with public Internet-facing mobile apps like the ones listed above, the most effective way to securely log into them is via single sign-on (SSO) using existing identity-driven credentials that you know. This presents a TLS certificate and encrypts the data between the app and the hosted service. Two-factor authentication (2FA), using products like Cisco’s DUO or Microsoft MFA, add an essential layer of protection using something you have to ensure the user is who they say they are with minimal effort on the part of the application’s consumer. Even more convenient are identity-driven “passwordless 2FA” solutions available commercially that combine public and private keys authenticated by something you are along with something you have. Having one less password to remember is always a bonus!
Cloud-hosted DNS and malware-driven protection platforms can also be added to mobile devices. These services can secure the BYOD physical devices traffic via DNS proxy for security monitoring and malware inspection. Mobile device management (MDM) can integrate easily with these hosted DNS/Malware platforms. The MDM software will install profiles and certificates to manage access to hosted services, as well. For non-public Internet-facing apps, device-native IPSec or SSL VPN clients with 2FA and cloud-hosted firewalls on our mobile devices can be used to gain secure access to internally hosted services.
The times are continuing to evolve rapidly toward a mobile world of work from anywhere (WFA) on any device. Keeping the security of the traffic in mind across the public network is something not to be overlooked when delivering the apps and services that your mobile users currently access or will become used to accessing. Adding just a few services or steps can give your business additional insight to and protection of your data as you continue on your journey to enable access for your users via mobile apps.
WITH CONVERGEONE,
NOW YOU CAN BE READY TO ADAPT FOR YOUR REMOTE WORKFORCE
With ConvergeOne Secure Remote Workforce, discover the critical steps to take – and common mistakes to avoid – when establishing a remote workforce environment.
Topics: Enterprise Networking, Cyber Security, Remote Working