Each administrator and responsible business should never forget that mobile data access everywhere and at all times is nice to have. However it is worth discussing the risks and threats of what would happen if a mobile device or password is stolen and what the value of this information is for one of your competitors or what the impact would be on the integrity, privacy and confidentiality of data. It is not only an employee’s calendar, contacts and e-mail, it is more: e.g. the information can describe a lot of the business needs and plans of a company. The mobile device is pushed and delivered with email, calendar, contacts & task information and is often only authenticated by a user’s password and sometimes this authentication is enhanced with a client certificate.
RiskIDcreates a digital Risk Profile of the device wanting secure access and synchronisation with the e-mail server. RiskID is formed on the basis of the device's hardware characteristics such as the CPU serial number, hard disk ID and network MAC address etc. Combining the RiskID with a user name and password mobile synchronisation and data exchange can be restricted to only trusted devices whilst creating the second factor of authentication. The user will not be interrogated with strong authentication and the administrator does not need to manage any certificates for the mobile clients. All settings will be configured centrally and enforced on all handheld devices without using any software on the client but devices connecting to the mail system will automatically be authenticated remotely with the second factor.
Taking away the biggest authentication issue for implementing mobile access and data synchronisation is by using RiskID that minimize the risks of publishing internal information to the public. RiskID provides the two-factor authentication and makes sure that you do not block your users by higher security interaction such as with client certificates and all the administrational burden and costs related to that. Your work as administrator is firstly to plan the most secure way to use mobile devices without maximizing the risks for your valuable company information.
RiskID enables strong authentication for making personal information available for mobile use which can optimize your business workflows internally and can provide your sales personnel with the ability to act as soon as possible to realize your customers' needs. Together with other security policies relating to the device level password enforcement, inactivity timeout, reset device (erase) after repeated login failures and remote device reset capability and the set up of SSL to the incoming server will lower the danger to the access of the infrastructure and data by providing authenticated, encrypted access and control to the internal mail system.
Should you have any questions, and/or remarks on RiskID, please contact us!