New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
 
What is mobile risk management (MRM) and how to implement a BYOD policy

Fixmo provides Mobile Risk Management (MRM) solutions that enable organizations and individuals to manage the risks associated with mobile devices. We help our customers employ
MRM strategies that go beyond traditional device management methodologies to continuously verify the integrity and authenticity of mobile devices and apps, protect them from private data loss and security breaches, monitor and track regulatory compliance and enable you to prove it through enterprise reporting and auditability.

Fixmo helps you identify, mitigate and manage your risk so you can be confident and compliant while enabling the full potential of mobility.

In the following interview, Tyler Lessard, Chief Marketing Officer at Fixmo, discusses 1:1 with Rake Narang, Editor-in-Chief of Info Security Products Guide, what is mobile risk management (MRM) and how to implement a BYOD policy.

Rake Narang: What is mobile risk management (MRM) and why is it important for organizations?

Tyler Lessard: Mobile Risk Management (MRM) is an emerging category of technologies that empower organizations to identify, mitigate and manage the risks associated with mobile devices, including financial risk due to regulatory non-compliance; reputation risk resulting from security breaches and violations; and competitive risks from intellectual property and data leakage. MRM helps organizations go beyond traditional mobile device management (MDM) practices, which have primarily relied on risk avoidance or control tactics that limit how devices can be used by employees, to help them exercise the full potential of mobility while protecting corporate data and ensuring regulatory compliance.

Using a “risk mitigation” philosophy, MRM enables organizations to support a wide range of mobile devices and confidently embrace the “bring your own device” (BYOD) trend by taking a holistic approach to Mobile Security, Mobile Device Management, Dynamic Policy Enforcement and Corporate Data Protection, and fusing them with continuous integrity verification and compliance assurance. MRM gives organizations the tools they need to ensure the mobile devices on their corporate network start, and remain, in a known trusted state and that their corporate data remains protected, secured and monitored at all times.

Rake Narang: Now that multiple devices and multiple locations are an integral part of most organizations how is Fixmo MRM solution different from Mobile Device Management (MDM)?

Tyler Lessard: Fixmo MRM goes beyond traditional MDM practices to help organizations protect themselves from a growing number of security threats while ensuring their mobile devices start, and remain, in a known trusted state that is in accordance with their governance policies and regulations.

Fixmo MRM takes a unique approach to continuously monitoring mobile devices to detect tampering, compliance breaches and potential vulnerabilities that can be caused by malicious cyber attacks, unverified applications, rooted OS’s or actions taken by end-users and administrators that may put the device at risk. It provides a complete MDM framework for device configuration and advanced policy controls with the ability to adapt policies on-the-fly based on the device’s current state and threat posture. It also provides a Secure Container solution that encrypts corporate data and applications – including Email, Browsing, Documents and custom apps – and keeps them securely contained from the user’s personal data. With Fixmo MRM, organizations get a full suite of security monitoring, integrity verification, corporate data protection and compliance assurance technologies that complement a sophisticated underlying MDM platform to help them support a wide range of mobile devices without compromising on security or compliance.

Rake Narang: Many corporations that allow employees to use their own mobile devices at work implement a "BYOD policy" to help IT better manage these devices and ensure network security. Explain what a “risk-focused” approach to BYOD entails?

Tyler Lessard: A risk-focused approach to BYOD starts by looking at the inherent security threats, vulnerabilities and compliance risks that may be introduced by allowing personal-liable devices to store confidential corporate data and connect to the corporate network. With BYOD, organizations can no longer dictate which devices and operating systems are permitted on the network, and they don’t have the luxury of forcing users to upgrade their software or deploy security patches when new vulnerabilities are discovered. They are not typically permitted to wipe a personal-liable device in the event that it is lost or stolen, and may have limited controls over data encryption and device-level user authentication.

This all adds up to a number of serious security risks and potential exposure to an organization from malicious cyber attacks (which may target the device itself, or assets on the corporate network) and corporate data leakage as a result of security vulnerabilities, targeted malware, malicious third party applications and device loss or theft. These risks are heightened with BYOD as organizations have limited control over how the devices are used, which applications are installed and what happens to the device in the case it is lost or taken by the employee after they leave the company. When looking at it through this lens, you start to appreciate the need for more advanced security solutions that help organizations mitigate their risks and protect their corporate data and network assets from being compromised, even if the device itself is compromised.

Company: Fixmo
1100-15 Toronto St,
Toronto, ON, M5C 2E3 Canada

Founded in: 2009
CEO: Rick Segal
Public or Private: Private
Products and Services: Fixmo SafeZone, Fixmo Sentinel

Bookmark and Share