The mobile security playbook: Your enterprise’s best defense against mobile threats

By Jonathan Crowl

A defender tackling an offensive player in an American football game.

The best defenses in football know that when the ball enters the red zone, it’s time to clamp down and stop a touchdown at all costs. This bend-but-don’t-break strategy is designed to keep the opposing team from making big plays to win the game.

Enterprises are familiar with this mindset. As they face the constant threat of security attacks in the form of malware, malicious hacking and other schemes, they know the most important thing they can do is prevent mobile security breaches. This is why a single layer of security isn’t enough to keep a company safe: Businesses have to implement multiple security layers to solidify their defensive strategies.

The best defenses in football are greater than the sum of the 11 players taking the field. Companies should strive to build a similar unit where their security efforts are concerned. No single solution is perfect, but the larger ecosystem can be a formidable opponent for even the most serious of threats. Here are some tactics to add to your enterprise playbook:

Organizing the 3-2-1 defense

When it comes to protecting data and other sensitive assets, every enterprise should adopt the widely known 3-2-1 approach. According to BackBlaze, this means you should have three separate copies of all your enterprise data. Two of these copies should be located onsite on two different devices or hard storage solutions. The third copy should be stored offsite on hardware that has no real-time internet connectivity, making it impervious to any malicious hacks or mobile security threats.

Download Gartner report on managed mobility services

Think of the offline copy of your data as a free safety in football, positioned far downfield and serving as the last line of defense when your opponent advances toward the end zone. Without this piece of your defense in place, your attackers will have a wide-open field to take your company for everything it’s worth.

Unify your strategy under a mobile device management solution

Securing enterprise mobility is challenging because of the number of devices in the environment. It’s not just smartphones and tablets — it’s also wearables, printers, projectors, desktops and anything else with a wifi connection. According to Information Age, the complexity of this environment is too much for traditional security to handle on its own. Strategies such as firewalls, intrusion prevention systems and anti-malware and antivirus software just aren’t enough to reliably secure the network.

What businesses need is a mobile device management (MDM) solution that can secure the entire mobile network and operate at scale. MDM solutions can also grow and adapt to changes within your environment, allowing you to add or remove devices while supporting app updates, security patches and agile mobile management to guarantee the mobile network is always putting its best security foot forward.

Score hustle points with two-factor authentication and mobile single sign-on

As Information Age points out, many security breaches could be prevented if not for relaxed IT security efforts that leave an organization susceptible to compromise. It’s impossible to know when or how an attack will happen, so the best thing organizations can do is take simple steps to make one as difficult as possible.


One of the easiest defensive moves a business can make is to enable two-factor authentication when accessing documents, software, systems or other sensitive enterprise assets. This two-factor authentication is easy to set up and forces security threats to overcome two layers of authentication protection, providing a cost-effective boost to the rest of your defensive front.

Along those same lines, companies should consider implementing mobile single sign-on (SSO) for their mobile app networks. Instead of requiring users to juggle a handful of different passwords for different apps and assets, SSO offers a centralized tool for user authentication that can be widely applied to an organization’s entire suite of business apps. Keep in mind that if you’re implementing an enterprise mobility management solution within your organization, this solution likely offers SSO as part of its security features. If you already have an EMM in place, check with the provider to see whether you’re already taking advantage of SSO or whether it can be added to your company’s mobile defense.

In football and in business, a strong defense can be a game-changer. Invest in the time and resources required to build a winning strategy to stop any offensive attack.