As use of mobile devices in the workplace continues to grow, it’s no surprise that mobile security is an on-going headache for IT departments. It would be fair to say that IT concerns are well founded – according to research by Ovum, 70% of employees who own a personal tablet or smartphone are using them to access corporate data and 1/5 are doing so without IT approval, or in spite of a ban on using a personal device for work.

However, while IT departments battle to retain control of company and client data, mobile workers and teams are working to try and maximize their productivity, and this of course means that they need access to the very same company and client data that IT are trying to protect.
 

The Mobile Bottleneck

The impact of restricting access to company or client data for mobile workers can extend beyond the productivity of individuals working away from the office. It’s highly likely that workers sitting in the office may also be impacted while they wait for co-workers who are mobile to conduct even simple requests such as reviews, approvals or task updates.

Our own research has shown that, in professional services firms, 40% of workers report that their productivity is considerably impacted or stopped entirely when trying to access documents when mobile.

So it’s clear that we’ve got a bit of a conundrum here - how can IT teams help maximize productivity for mobile workers, without compromising on security? Well, we’ve been hard at work over the last 12 months ensuring that the Huddle apps for iOS and Android have the same high-levels of security you’ve come to expect from Huddle, while also putting our most important productivity features in the hands of mobile workers*.

To find out more, read on, or watch my recent webinar.

 

 

Extending existing security controls to include Huddle

With many organizations already utilizing solutions such as EMM, MAM or MDM to secure and control access to company data and applications, we’ve introduced versions of our mobile applications that you can deploy and configure using your existing MDM infrastructure.

Commonly grouped together under the Enterprise Mobility Management (EMM) banner, and provided via vendors such as Intune from Microsoft, MaaS360 from IBM, or MobileIron, these solutions provide a range of security controls such as remote lock and wipe, device encryption, which applications can be installed, extra authentication mechanisms such as pin-lock, copy and paste prevention, and prevention of opening documents into non-corporate apps.

With the latest versions of Huddle’s iOS and Android apps, IT departments can easily restrict access to Huddle on mobile devices, so that workers can only access Huddle using versions of our mobile apps provided via their company’s EMM solution. For more information on our MDM integration, please get in touch at help@huddle.com.
 

Huddle’s new inbuilt security controls

EMM and MDM solutions provide great security and control for organizations who are primarily collaborating internally with co-workers, and who don’t need to provide mobile access for external Huddle users such as clients, partners or suppliers.

But in situations where closer collaboration with external parties is required, or simply for organizations who need mobile access but don’t have or want an EMM or MDM solution, we’ve recently introduced a raft of new security capabilities that are built into our mobile apps.

Covering capabilities from two factor authentication through to encryption at rest and view only permissions, we’ve built these features based on your feedback and our desire to provide consistent levels of security and control across mobile, desktop and web.
 

Increased security on Huddle for Android and iOS

Mobile workers using Huddle on the go can now take advantage of improved on-device security through Huddle’s new mobile passcode capability. So, even if someone illicitly gains access to a device, they won’t be able to access Huddle, and, because Mobile passcode is a company level setting, you can ensure that everyone with mobile access to your Huddle solution is adhering to the same level of protection.

Once enabled, iOS app users will be prompted to enter a 4-digit passcode every time they launch or return to the app, as well as after 5 minutes of inactivity. It’s also worth noting that brute force attempts to access Huddle are mitigated by the fact that users will not be allowed to set common passcodes such as 1111, 1234 or 2016, and 5 incorrect passcode attempts signs the user out, and clears all documents and user data from the encrypted data store within the app.

We’ve also introduced encryption ‘at rest’ for our mobile apps, which means that all Huddle content residing on the device is stored in a secured cache, ensuring that other applications cannot programmatically access Huddle data.
 

More rigorous authentication

We’ve always provided support for third party Single sign-on solutions such as Active Directory, Okta or Onelogin - you might already be using this on your Huddle account. When additional security measures are needed, many SSO solutions bring the added benefit of multi-factor authentication, where an additional authentication mechanism must be used, such as a unique code received via text message, to validate that they are indeed the user that they say they are.

Multi-factor authentication via SSO is perfect for internal environments who have implemented SSO, but for teams who aren’t using SSO, or for teams that involve external members such as contractors, suppliers or clients, multi-factor authentication via a third party SSO solution will not be available.

That’s why we’ve built multi-factor authentication directly into Huddle. When enabled, Huddle’s multi-factor authentication requires all users to prove their identity when they sign-in to Huddle, not only by providing their e-mail address and password, but also a unique 6-digit verification code that will be sent to their registered phone number. You can even specify the frequency that multi-factor authentication must be used by members of your account, and this policy applies to all users, not just those within your organization, unless of course you’re using SSO, in which case the Huddle multi-factor authentication only applies to users logging in directly to Huddle.

Find out how to get started with Huddle’s multi-factor authentication here.
 

Greater access control

If you’re working with sensitive information that needs to be shared internally or externally, retaining control, especially via email, can be a real headache. Perhaps you have a board pack, some inspection data, or a proposal that you need to share, but you want to make sure it isn’t visible to anyone apart from the target recipients. Huddle’s new ‘viewer - online only’ access level, allows users to preview content on web and in the Huddle mobile apps, but prevents users from downloading, editing, printing or sharing files outside of Huddle. Check out this handy guide for more information.

For sensitive or confidential projects, you might also have concerns around who can be invited into a Huddle Workspace, say, for example, when you only need to work with one or two external teams, and don’t want to allow people from other organizations to be invited by mistake. Earlier this year we introduced invitation permissions control to address this kind of need. Invitation permissions control allows to you specify which email domains you would like to allow invitations to be sent to. If needed, you can apply the whitelist to specific workspaces rather than the entire account. Of course, the whitelist doesn’t have to apply to just external parties – you might be working with different regions in your own organisation, or just within your own team – you can use the email whitelisting feature to limit invitations to internal only email domains. Find out more here.

When it comes to security, we’re not going to rest on our laurels - we’re already hard at work on the next round of security features, and we’re confident we’ll continue to lead the field when it comes to secure cloud based collaboration.

You can find out more about our Apps for Android and iOS here.

*Some features may not be available on your Huddle plan. For more information, check out our feature list

Martin Saberton

Head of Growth

Ready for your free Huddle trial?

START FREE TRIAL


Request a Demo
trillatron

© 2006 - 2019. All Rights Reserved.