Netskope Community
I am excited to start a series of posts covering Netskope for Mobile. This kick-off note will provide an overview of Netskope's capabilities on mobile platforms. In the upcoming posts, I will delve into greater detail on enabling Netskope for both corporate and BYOD devices, enforcing data perimeter on mobile, navigating SSL Inspection and certificate pinning challenges, and many other topics.
Why Netskope on Mobile?
While there are significant differences in capabilities, user experience, ownership models, and even weight and portability, mobile devices are similar to desktops in that they can be used to browse the internet, access personal and corporate applications, and move data around. Consequently, our information security policies, tools, and procedures are expected to cover both desktop and mobile use cases. Based on my observations, many organizations have significant gaps in their security posture between corporate desktops and mobile platforms, and Netskope can definitely help bridge that gap!
I have heard about security solutions on mobile, but I am confused about their limited capabilities. What can Netskope actually do on mobile platforms compared to desktops?
Okay, how do I enable these security controls?
All the capabilities mentioned above are delivered through client-based steering, and Netskope clients are available in their respective platform stores. It is highly encouraged to follow best practices and leverage enterprise mobility management tools (MDM, EMM, UEM) for centralized and consistent deployment of Netskope services to your mobile fleet. I am planning to write a separate post covering all things enrollment, so stay tuned for that.
I am not sure about an existing footprint, can Netskope capabilities be layered on top of what we already have?
There is an important differentiation between desktop and mobile security instrumentation environments. Both Windows and macOS environments allow multiple security tools to coexist. In fact, many companies have followed this approach for many years, with separate tools for unique purposes managed by siloed teams. While the SASE architecture promotes cloud consolidation and platform integration, mobile deployments further accelerate this process. Mobile platforms are not designed for multiple security tools to coexist due to strict compartmentalization and process isolation. As you progress, you will realize that VPN tools, Internet Security tools, EDR/XDR, and other solutions rely on the same mobile OS hooks, such as VPN profiles, which cannot be reused. Only a single client can be leveraged within a given surface, so it makes sense to choose the one that will produce the best risk reduction outcome.
Takeaways: I would recommend starting with a risk assessment specific to your Mobile footprint, evaluating gaps, existing tools, and coverage options.
There is more to come on this exciting topic - please feel free to provide your feedback in comments!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Here are some of the popular articles from this blog.
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In