Skip to main content
banner image
venafi logo

It’s Time to See Mobility in a New Light

It’s Time to See Mobility in a New Light

October 29, 2015 | Phil Biegler
Key Takeaways
  • The bring-your-own-device (BYOD) trend benefits enterprise productivity while decreasing costs
  • Certificates are used to regulate mobile access to enterprise data and systems 
  • Enterprises struggle to distinguish compromised certificates from valid ones
  • Enterprises must be able to identify, issue, and revoke certificates even on employee-owned devices

While more and more employees are using their own phones, tablets, and other mobile devices for work, these practices often keep enterprises in the dark about mobile device access to enterprise data and systems. Digital certificates can shed light on enterprise access issues but only when certificates are properly managed and secured.

One good thing about cell phones is this: You're not as likely to run into people in the dark as you were before cell phones became ubiquitous. Nearly every face you see at night is bathed in the soft blue light of a cell phone. But illuminating people's faces isn't the only good thing about the phones' ubiquity. Mobile devices have done enterprises a few good turns.

Most enterprises welcome mobile devices because they allow people to work anytime, anywhere, and enterprises benefit from this increased productivity. You could even say that mobile devices have become indispensable to enterprises.

But there's a problem lurking here: Employees use mobile devices to access enterprise systems and often store enterprise data on them. I personally have a cell phone, an iPad, and a laptop, all of which have access to our corporate email system (and other corporate systems). This abundance of connected mobile devices is not unusual.

A stack of many mobile devices

Access to enterprise networks usually involves certificates, of course, but how do the enterprises know for sure who owns the certificates? What happens if employees lose the devices or the devices get stolen? Enterprises need to be able to revoke access privileges as soon as a mobile device goes missing.

Clearly, enterprises must have some way of knowing which certificates, on which devices, belong to which employees. They must also have a means by which they can identify and remove compromised certificates, even on devices that do not belong to them. And they must have the ability to control—that is, issue or revoke—certificates at a moment's notice. For example, if I were to call our helpdesk and report that someone stole my backpack one dark night, our helpdesk would have a mechanism for immediately revoking the certificates on each of my stolen devices, thereby preventing access to corporate systems. In other words, it would have a kill switch for the certificates that are located on these devices.

Unfortunately, most enterprises do not have such capabilities. Lacking them, they are as blind and as vulnerable to hidden cyberattacks as were people strolling down dark alleys in the days before cell phones.

What is your enterprise’s BYOD policy? If employee-owned devices are allowed, how does your business shed light on and control enterprise data and system access on these devices?

Like this blog? We think you will love this.
man putting his hand in the middle of a row of falling dominos to prevent the other half from falling
Featured Blog

5 Ways to Prevent Unauthorized Access of Misused Mobile Certificates

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Phil Biegler
Phil Biegler
Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more