devices Archives - Security IT Summit | Forum Events Ltd


Digital employee experience crucial to meeting Millennial workforce needs

Stuart O'Brien

Delivering a great digital employee experience is key to recruiting and retaining the Millennial frontline workforce, according to a new report, with associated implications for cyber security requirements as a result.

With job vacancies advertised across the UK increasing by 88,000 in April to hit a post-pandemic high of 747,000, with the biggest demand in accommodation and food service, a new report says frontline employers must address the specific digital and motivational needs of Millennial workers – who now make up more than three quarters of the frontline workforce.

However, the study of 1,000 frontline workers in YOOBIC’s latest ‘Frontline Employee Workplace Survey 2021’ report, reveals employers are falling behind expectations when it comes to providing an engaging work environment and fulfilling career options.

28% of Millennial frontline workers report not feeling empowered on the job, compared to 17% of other age groups.  Additionally, just 28% of Millennials find it easy to understand whether their work meets company expectations, in comparison to 41% of workers aged over 54.  Over a third (34%) of frontline employees in this demographic reported a lack of career as opposed to 17% for other age groups.

Key to meeting millennial workers’ desire for career progression and workplace engagement is understanding the importance of their digital world – both personally and professionally – which is reflected by Walmart’s decision to offer new smartphones to more than 740,000 of its almost 1.6 million U.S. workers by the end of the year, free of charge. Staff can then use Walmart’s new workplace app tool while working but will be able to use the device for personal use.

Fabrice Haiat, CEO of YOOBIC, said: “Millennials are digital natives and accordingly see mobile technology as a crucial part of daily life.  Therefore, mobile workplace tools are essential as they deliver the information and communications frontline staff need to perform their best on the job.  These devices, and the format of the information they deliver, must be modern and user-friendly to meet Millennial workers’ high expectations of technology and content.  Providing outdated or ineffective technology will only have a negative impact on staff retention and engagement.”

Almost three quarters (72%) of frontline workers surveyed indicated they would feel more connected if communications were delivered via their smartphone or tablet, while a further 76% felt digital formats would increase their productivity and simplify their workload.

Haiat concluded: “There is no denying the significant impact Millennial workers play as part of the UK’s frontline workforce.  Recognising their needs and specific talents, and responding accordingly, is key to engaging, motivating and retaining staff in this demographic.  As they do in their day-to-day life, millennials expect a digital employee experience that allows them to use mobile devices to communicate with their peers and managers and access training information and documentation easily.  Providing this information in a gamified, digital format empowers the Millennial frontline workforce and meeting their needs in this way ensures businesses can build with them into the future.”

For further information on how employers can engage the UK’s frontline workers download the latest YOOBIC report.

Evolving mobile device management strategies

Guest Post

By Dom Hume, VP Product & Technical Services, Becrypt

As organisations continue to innovate to realise efficiencies through the use of increasingly sophisticated and pervasive mobile technologies, many are continually challenged by the risks associated with managing an ever-growing device estate.

Successfully managing the complexity of multiple software and hardware mobile platforms necessitates a practical, secure and cost-effective way to manage, monitor and track devices.

This is best achieved through implementing an end-to-end Mobile Device Management (MDM) strategy that can sometimes require consideration of the entire software and hardware stack, to ensure valuable time and resources are used effectively in securing and monitoring mobile devices that access business-critical data.

I have summarised four of the themes we believe are important for organisations to consider when implementing a robust MDM strategy, much of which is based on work we have undertaken with UK Government.

Choose a device manufacturer committed to security patching

It is important to take into consideration that Android and iOS have fundamentally different approaches to the phone ecosystem. Apple has a closed ecosystem, whereas Android is an open platform, and phone manufacturers are supported to build their own devices using Android. Google releases updates and patches to its Pixel phones at the same time as it releases patches to the wider Android community. It inevitably takes time for the individual manufacturers to integrate, test and release the patch to their handsets. Consequently, there can be a window during which publicly known vulnerabilities remain exploitable on those handsets, and its length depends on the responsiveness of the manufacturer. This situation is not directly mirrored in the Apple ecosystem.

It is worth also investigating the patch lifetime to which a manufacturer has committed, as this often correlates with patch responsiveness. Organisations with long-term projects may wish to consider specialist manufacturers such as Bittium that will commit to extended device lifecycles.
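One way to measure manufacturer patch responsiveness across an existing estate, as an added example that is not part of the original article: the script below summarises how far each manufacturer's devices trail a reference patch level. The inventory records, vendor names, field names and the 90-day threshold are constructed assumptions; the `patch` field mirrors the YYYY-MM-DD security patch level string that Android reports.

```python
from datetime import date
from statistics import median

# Constructed sample inventory, e.g. rows exported from an MDM console.
# Vendor names and device ids are placeholders, not real products.
INVENTORY = [
    {"id": "d1", "maker": "VendorA", "patch": "2021-05-05"},
    {"id": "d2", "maker": "VendorA", "patch": "2021-04-05"},
    {"id": "d3", "maker": "VendorB", "patch": "2021-01-01"},
    {"id": "d4", "maker": "VendorB", "patch": "2020-11-05"},
    {"id": "d5", "maker": "VendorB", "patch": "unknown"},
]

def patch_lag_days(patch, reference):
    """Days a device's patch level trails the reference level; None if unparsable."""
    try:
        return max((reference - date.fromisoformat(patch)).days, 0)
    except (TypeError, ValueError):
        return None

def lag_by_maker(inventory, reference, max_lag_days=90):
    """Summarise patch lag per manufacturer and list devices over the threshold."""
    report = {}
    for dev in inventory:
        entry = report.setdefault(dev["maker"], {"lags": [], "stale": [], "unknown": []})
        lag = patch_lag_days(dev.get("patch"), reference)
        if lag is None:
            # A device that cannot report its patch level is a finding, never compliant.
            entry["unknown"].append(dev["id"])
            continue
        entry["lags"].append(lag)
        if lag > max_lag_days:
            entry["stale"].append(dev["id"])
    return {
        maker: {
            "median_lag": median(e["lags"]) if e["lags"] else None,
            "worst_lag": max(e["lags"]) if e["lags"] else None,
            "stale": e["stale"],
            "unknown": e["unknown"],
        }
        for maker, e in report.items()
    }

if __name__ == "__main__":
    # Reference date is an assumed "latest published patch level" for the sample data.
    for maker, row in lag_by_maker(INVENTORY, date(2021, 5, 5)).items():
        print(maker, row)
```

Run against successive inventory snapshots, the per-manufacturer median gives a comparable figure for procurement decisions, while the `stale` and `unknown` lists identify devices to follow up individually.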

Plan your application lifecycle management

From an application provisioning platform perspective, the Apple App Store and Google Play Store perform the same functions. While there are some differences in approach, both no longer favour users side-loading applications.

Since its inception, the Apple App Store has implemented a quality and compliance gateway process, through which apps must pass before they appear on the store front. App developers can still sign their own apps and push them to devices, via some MDMs that offer private app stores. However, if an app developer’s certificate is revoked, the apps will no longer work.

A safer method is to get your developer to submit the app to the actual App Store, where apps are vetted to ensure they work and don’t affect the functionality and security of the device. For enterprise customers, Apple created the Volume Purchase Program (VPP) for businesses. This allows organisations to submit apps only for themselves or for specific customers to access.

It’s important to note that apps are not always delivered from Apple servers. They are in fact often provided by a Content Delivery Network middle man. All iOS devices have the App Store function built in; this can be switched off from an MDM server. Organisations can also push mandated apps and updates from the MDM server.

Google also has a vetting process for apps, subject to a review process that can be somewhat slow. While there is no dedicated business-only Play Store, Google offers a ‘Private Apps’ concept, allowing the user to differentiate between work and personal applications. MDM administrators can remove business apps from a managed phone. Similar to ‘Bring Your Own Device’, the organisation sets the rules and locks down the device, while allowing the user some freedom to adapt it for personal use. The user feels there is some degree of privacy afforded, but this is not a security feature per se.

Consider a ‘split proxy’ architecture for high-threat environments

Organisations that are considered high-value targets and are subject to sophisticated cyber-attacks have become increasingly concerned about the consequences of an MDM server compromise. Attackers that breach an MDM server can easily locate and unlock a device, posing a serious threat to an organisation’s security. Compromised servers can also be used for subsequent lateral movement, or act as the ideal data egress point.

The data security challenges associated with managing mobile devices result from the characteristics imposed by the smartphone ecosystem. Such concerns apply regardless of whether an organisation’s MDM is on premise or consumed as a cloud service. MDM servers have complex communication protocols that interact with several internet-based services, such as push notification systems and online app stores. Usually, these communication channels are authenticated and encrypted end-to-end, preventing them from being inspected for threats.

Therefore, an organisation or its service provider can either open its firewall ports to an MDM server hosted in their most trusted network segment or host the MDM server in a less trusted segment – a ‘DMZ’ of sorts. Ultimately, this equates to either compromising a secure network, or sacrificing the MDM server.

One way to mitigate the risks of such a compromise is to choose a solution that employs a ‘split-proxy’ architecture. A series of proxy servers residing in a DMZ fulfils the range of encrypted communications with the smartphone ecosystem that are required of an MDM server. MDM traffic is rendered inspectable by the proxies and is subjected to a web application firewall to test for anomalies.

The MDM server may be hosted within the secure network, with appropriately secured and managed communication with the proxy servers. This type of solution can provide a significantly improved level of defence, whilst being completely transparent to the end user.

Consider the business objectives before implementation 

Ultimately, organisations that prioritise data and employee protection as part of their MDM strategy should assess what they need from their mobile devices, and how they intend to be used. A multi-functional work device that requires access to multiple back-end systems including sensitive customer data will almost certainly demand a large budget spend, in addition to robust risk analysis capabilities.

On the other hand, a small business continuity project, that keeps employees informed of out-of-hours actions in certain circumstances, may be achievable without any MDM implementation at all.

Regardless of whether an organisation is operating in a high or low-threat environment, it needs to select an MDM solution that is resilient enough to protect its data from increasingly sophisticated and well-funded threat actors, who are intent on infiltrating the mobile ecosystem to compromise company data.