- In 2016, 60% of total mobile data was used on Wi-Fi networks.
- The average number of Wi-Fi connections the typical corporate device makes per day is 12.
- 4% of corporate mobile devices have come into contact with a man-in-the-middle attack in the past month.
Any organization that has sensitive corporate data being viewed, transmitted or exchanged on corporate mobile devices should be worried about the last statistic, in particular. When employees use mobile devices to access corporate information, specifically across public Wi-Fi networks, security holes expand, and that can be bad news for any organization.
VMware Workspace ONE, an integrated platform for the digital workspace powered by VMware AirWatch unified endpoint management technology, can help secure mobile devices accessing data across private and public Wi-Fi networks. For those of you already using or considering upgrading to Workspace ONE, I’ve outlined five best practices that can help reduce risk associated with potential data leakage across Wi-Fi in your mobile environments:
- Enable VMware Tunnel for app-level security. Workspace ONE has VMware Tunnel capabilities that allow VPN access on a per-app basis to corporate resources. The VMware Tunnel allows mobile device Wi-Fi traffic to be encrypted at the application level. IT no longer has to deploy full device VPN for mobile devices accessing resources back into the data center, which can reduce the risk of malware entering the data center.
- Restrict application access from unsafe networks. With Workspace ONE, IT can restrict mobile devices from accessing Wi-Fi networks. If certain Wi-Fi networks are deemed unsafe, IT can restrict access and ensure that only cellular data is used for data transmission, thus reducing the risk for a potential data breach across a dangerous network.
- Enforce access based on minimal OS level. IT can use Workspace ONE to enforce conditions, such as minimum operating system (OS) versions on mobile devices, in order for an end user to access corporate data. This capability can help prevent malicious devices, including those with higher risk (think jailbroken), from connecting to Wi-Fi networks and corporate resources.
- Set up Wi-Fi during enrollment. You can set up Wi-Fi profiles during enrollment as part of the staging process. This helps ensure Wi-Fi profiles are configured correctly and doesn’t put the burden on the end user to manually set up Wi-Fi.
- Set up Wi-Fi policies that align with your security requirements. Configure Wi-Fi profiles with security policies, such as disabling auto-join to any Wi-Fi network nearby, to help reduce the risk of users unknowingly joining an unsecure Wi-Fi network.
In addition to these five tips, you can also integrate Workspace ONE with Wandera for even more advanced security capabilities, such as mobile threat defense and content filtering. We’d also like to hear your thoughts, and if you have any more tips or best practices, comment below!
For more information on Workspace ONE, visit vmware.com/go/workspaceone, and explore these resources: