Introduction: Security Concerns
The flood of iPads and iPhones into the enterprise brings huge productivity gains for the mobile workforce, but introduces a raft of security concerns for the IT department. The line between home and office, personal and corporate, has been blurred. Mobile devices with SharePoint access are attractive targets for attackers, as they can potentially gain access to an entire enterprise network.
This series of posts covers the top five questions executives are asking about secure mobile access to SharePoint, and outlines how they are addressed by Colligo Briefcase Enterprise. In this series we’ve considered #1: What happens when a mobile device is lost or stolen?; “#2: How can I control access to SharePoint content?”; “#3: What if a malicious app or person tried to access corporate documents?; and “#4: What if a jail-broken iPad appears on the network? In this fifth and final posting we learn how to prevent data from being shared externally, and then take a look at some recommended security measures from Ernst & Young.
Challenge #5: How can I prevent sensitive corporate data from being
Administrators can restrict users from emailing, printing and opening other applications
Using Colligo Administrator, sharing sensitive corporate data with external recipients can be tightly controlled. The administrator candisable the ability to email documents as attachments, print documents or open documents within other applications. These settings can be disabled on an item-by-item basis.
Email documents as links for extra security
Colligo Briefcase Enterprise offers the option to email documents as
links to SharePoint. This adds extra security, since the recipient must
have the required SharePoint credentials in order to access the link.
Ernst & Young: Recommended Security Measures
- Any third party app should be reviewed for compliance with corporate security standards prior to deployment.
- When developing apps, follow a secure application development process and adhere to secure coding guidelines.
- Ask vendors for enterprise versions of apps with central configuration and remote wipe functions.
- Ask an independent provider, such as Ernst & Young, to review the application.
Specific Security Implementation Recommendations
- Enable device protection using strong passwords.
- Encrypt SharePoint user credentials in the Keychain with an appropriate protection class, or avoid storing user credentials altogether.
- Encrypt storage of documents by iOS device encryption, or additional encryption if required.
- Enforce a password on app startup.
- Securely hash the app startup password
- Detect altering of configuration (.plist) files.
- Enforce protected communication to SharePoint (VPN, SSL).
- Harden the SharePoint site and backend.
- Use web application firewalls or entry servers.
Reprinted with permission from Ernst & Young joint webinar with Colligo ‘The iPad Invasion – Leveraging SharePoint for Mobile Enterprise Security Feb 2012’.
Colligo Briefcase Enterprise in Your Organization
Colligo Briefcase Enterprise offers a 30-day evaluation. To request your copy now, please visit www.colligobriefcase.com.
For organizations that do not require the additional security, deployment, and management features available in Colligo Briefcase Enterprise, Colligo Briefcase Pro is available from the Apple App Store.
Organizations in certain countries can also purchase in quantity using Apple’s B2B Volume Purchase Program.