Info Security PG: Now that multiple devices and multiple locations are an integral part of most organizations how is Fixmo MRM solution different from Mobile Device Management (MDM)?
Tyler Lessard: Fixmo MRM goes beyond traditional MDM practices to help organizations protect themselves from a growing number of security threats while ensuring their mobile devices start, and remain, in a known trusted state that is in accordance with their governance policies and regulations.
Fixmo MRM takes a unique approach to continuously monitoring mobile devices to detect tampering, compliance breaches and potential vulnerabilities that can be caused by malicious cyber attacks, unverified applications, rooted OS’s or actions taken by end-users and administrators that may put the device at risk. It provides a complete MDM framework for device configuration and advanced policy controls with the ability to adapt policies on-the-fly based on the device’s current state and threat posture. It also provides a Secure Container solution that encrypts corporate data and applications – including Email, Browsing, Documents and custom apps – and keeps them securely contained from the user’s personal data. With Fixmo MRM, organizations get a full suite of security monitoring, integrity verification, corporate data protection and compliance assurance technologies that complement a sophisticated underlying MDM platform to help them support a wide range of mobile devices without compromising on security or compliance.
Info Security PG: Many corporations that allow employees to use their own mobile devices at work implement a "BYOD policy" to help IT better manage these devices and ensure network security. Explain what a “risk-focused” approach to BYOD entails?
Tyler Lessard: A risk-focused approach to BYOD starts by looking at the inherent security threats, vulnerabilities and compliance risks that may be introduced by allowing personal-liable devices to store confidential corporate data and connect to the corporate network. With BYOD, organizations can no longer dictate which devices and operating systems are permitted on the network, and they don’t have the luxury of forcing users to upgrade their software or deploy security patches when new vulnerabilities are discovered. They are not typically permitted to wipe a personal-liable device in the event that it is lost or stolen, and may have limited controls over data encryption and device-level user authentication.
This all adds up to a number of serious security risks and potential exposure to an organization from malicious cyber attacks (which may target the device itself, or assets on the corporate network) and corporate data leakage as a result of security vulnerabilities, targeted malware, malicious third party applications and device loss or theft. These risks are heightened with BYOD as organizations have limited control over how the devices are used, which applications are installed and what happens to the device in the case it is lost or taken by the employee after they leave the company. When looking at it through this lens, you start to appreciate the need for more advanced security solutions that help organizations mitigate their risks and protect their corporate data and network assets from being compromised, even if the device itself is compromised.