Recently, we polled viewers of our Behind the Network series. Out of 81 responses, 51 confirmed that security and compliance is what worries them the most about shifting to a more remote workforce. It’s no surprise that security is always a top priority, even as our work environment changes. While most organizations prioritize protecting employees, devices, business applications, and sensitive data from cyberattacks, the task is no easy feat. Let’s take one aspect of security and break it down into actionable steps: securing mobile devices.
When it comes to securing mobile phones, IT administrators know the importance of using endpoint management software to provision, configure, and monitor those assets. Another critical step is asking key questions like:
- What was the state of the device before we installed the management software?
- Are we certain that our corporate applications are being deployed to a secure device?
- Are we certain the applications themselves are secure?
There are two critical pillars in security are the device level and at the application level. When planning your mobile foundation, the combined Meraki Systems Manager and Duo’s Trusted Endpoint feature helps you address each of these areas. Meraki Systems Manager provides complete control over your mobile phones and Duo provides the best possible Multi-Factor Authentication (MFA), used from those secure devices, to ensure your users access corporate applications securely and with the highest level of authentication. Duo’s Trusted Endpoint feature, integrated with Systems Manager, ensures an extra level of trust based on a Duo issued certificate unique to each mobile device.
Whether your company buys phones for your employees or whether you manage BYOD phones, you can use Meraki Systems Manager to ensure the security of those devices. Configure password requirements, enforce GeoFencing policies, automatically deploy “Sentry WiFi” profiles for secure wireless, and track inventory to ensure the OS and apps are up-to-date. Additionally, for an even stronger foundation you can deploy company-purchased phones using Apple’s DEP or Zero Touch on Android phones, so that security is turned on at the factory before the shrink wrap is opened.
Given how important Duo’s MFA capability is to a defense-in-depth strategy, and how logically it builds on top of the OS security Meraki Systems Manager provides beneath it, you would be right to ask “what is the most secure process for deploying and configuring Duo on my mobile devices?” Duo’s Trusted Endpoint feature is the exact answer to this question.
Meraki Systems Manager now integrates directly with Duo and supports the Trusted Endpoint feature for securely deploying Duo to iOS and Android devices. Configuration takes just a few minutes. You can easily set up both Meraki and Duo from your couch at home given that both systems are managed using native cloud dashboards. Upon completion, you will have laid down the ultimate secure foundation for mobile OS management and MFA application security. Using the Duo Trusted Endpoint feature, Meraki Systems Manager is able to provision Duo automatically to each device while simultaneously configuring Duo so that it is enrolled in Duo’s PKI before the MFA actions are allowed.
Fast, scalable deployment of mobile devices requires a trusted foundation, otherwise you are building a very shaky structure for your business. Meraki Systems Manager, when combined with Duo’s Trusted Endpoint capability, is a comprehensive security solution for mobile devices. The operating system is configured and secured by Meraki—with security originating at the factory if zero touch provisioning is used. Your multi-factor authentication provided by Duo ensures that access to corporate applications is gated securely. And, critically, the security foundation for the Duo application itself is laid down using Meraki System Manager’s integration with the Trusted Endpoint feature.
Original Post: https://meraki.cisco.com/blog/2020/08/how-to-secure-mobile-devices-and-cloud-applications-for-the-remote-workforce/