Traditional perimeter security is outdated in most organisations. How network security can be reconciled with distributed and heterogeneous corporate landscapes and mobile working.

Never before has corporate IT been as decentralised and heterogeneous as it is today. Multiple locations, flexible business models and the triumph of home offices and mobile working are rendering traditional protection concepts obsolete.

Protecting network structures, data and user identities is not just a question of individual technologies. It requires a holistic strategy that must be continuously realigned. One of the biggest challenges is heterogeneous networks. This is because companies use a wide variety of systems, end devices and infrastructures – from Windows, MacOS and iOS to Android and proprietary cloud solutions.

The constant need to adapt to new digital ways of working and threats makes this complexity itself the main problem. Added to this is the increase in hybrid and mobile forms of working; employees access central resources from home, on the road or from different offices. This means that the perimeter has been abolished, as the attack surfaces are spread across locations and providers. Furthermore, regulation and compliance play an important role, as data protection, Swiss requirements and industry-specific regulations require control and logged protection of all data streams. Finally, the threat is constantly increasing in general: through AI-supported attacks, targeted phishing and the exploitation of vulnerabilities in BYOD and multi-operating system environments.

Technological solutions

To meet these comprehensive challenges, different technologies must be deployed using a multi-layered security concept. The aim is to consistently authenticate access, detect threats early on with the help of AI solutions and real-time monitoring, and protect devices regardless of location with uniform security policies. Combining these approaches reduces the attack surface and enables a rapid, coordinated response to security incidents.

1. Zero Trust Network Access

The zero trust model assumes that nothing and no one inside or outside the network is trustworthy per se. Every access must therefore be authenticated and every communication relationship segmented. Key components of this are mandatory multi-factor authentication for all users and devices, granular distribution of resources and access rights (micro-segmentation), and automated real-time monitoring of all end devices, network connections and data access.

2. Cloud-delivered security and security operations centre

Modern security platforms allow centralised control and monitoring of all network participants by a SOC (security operations centre), regardless of location and end device.

Cloud-based technologies such as next-generation firewalls and managed security services enable companies to respond flexibly: these include dynamic policy control for every device and all users, flexible integration of different operating platforms, AI-supported threat analysis and an incident response plan.

The latter defines the necessary steps and responsibilities within the company for a rapid, coordinated response to IT security incidents in order to quickly detect, contain and analyse cyber attacks or data losses and restore systems. The aim is to minimise damage and business interruptions for the company and to learn from incidents in order to better manage future threats. To ensure the same level of security for all operating systems, from Windows to Android to iOS and MacOS, companies must rely on platforms that combine centralisation and granularity. Security policies must be rolled out and monitored across operating systems. Devices must be inventoried, vulnerabilities analysed and automatically quarantined.

3. Mobile Device Management (MDM)

The management and security of various devices (Windows, Android, MacOS and iOS) is therefore key to reducing the attack surface. An MDM (Mobile Device Management) system manages devices across operating systems, distributes policies and automatically detects security incidents: with an MDM system, automated updates and patches can be rolled out and uniform security policies and compliance reporting can be implemented. Microsoft Intune is an MDM system that works for all platforms or, in Microsoft jargon, a UEM (Unified Endpoint Management) system. It is considered the only truly cross-platform UEM with deep Microsoft integration, but requires Microsoft Cloud licences. Ivanti UEM or other MDM solutions, on the other hand, are used for iOS, MacOS and Android.

4. Mobile Threat Defense (MTD)

To proactively detect malware and phishing on mobile devices, you also need an effective mobile threat defence solution such as Microsoft Defender for Windows. This also allows you to monitor MacOS, iOS and Android. However, Lookout MES or Zimperium is (still) recommended for mobile devices such as smartphones running Android and iOS. This is for the simple reason that Microsoft technology is not fully compatible with Android or Apple devices and more established MTD systems are currently still far superior to Microsoft Defender. Lookout and other non-Microsoft MTDs are connected to Microsoft Defender via interfaces as needed, detect threats and forward the necessary information to the SOC platform or SOC team.

Best practices for mobile security at a glance

  • Rapid integration of new locations and home office workstations via cloud-delivered security and automated policy control
  • MDM/MTD hybrid systems for cross-platform security and compliance monitoring
  • Zero trust and microsegmentation as a basic principle for access control and incident prevention
  • BYOD and COPE policies with clear separation, rights assignment and automatic reporting
  • Intensive training measures and awareness programmes for all employees

Security in BYOD and COPE scenarios

In modern working environments, BYOD (Bring Your Own Device) has long been common practice: employees use their private devices to access company data.

This increases flexibility and productivity. At the same time, however, it also increases the risk of data loss, unwanted disclosure and security breaches. With the COPE (Corporate Owned, Privately Enabled) model, on the other hand, where the company provides the devices but they may also be used privately, the challenge remains similar: business and private use must be clearly separated from each other, both technically and organisationally. To ensure security and compliance in both cases, policy-based management and containerisation are key: the protection of sensitive company data is based on the consistent separation of private and business areas on the device. Policies control which apps are allowed to access business data and prevent the transfer of information between private and business domains.

On Android, Android Enterprise separates private and work modes via separate user interfaces. iOS and MacOS, on the other hand, use containers and app-based access rights with different accounts. On Windows, this separation is usually achieved via separate user accounts within the same application.

Clear BYOD and COPE policies

In addition to technical security, a binding company policy is crucial. It regulates responsibilities, usage guidelines, data protection and enforcement mechanisms. While with BYOD the employer’s influence on private devices is limited, with COPE the company has full control over configuration, security policies and monitoring – an advantage especially for industries such as law enforcement or administration, where accessibility and data protection are equally critical.

Further measures

In addition, strong authentication and password policies are mandatory: devices must be secured with two-factor authentication (2FA) at the time of registration – for example, via an authenticator app, PIN or biometric recognition. Complex passwords and strict access policies are mandatory.

In addition, segmented access and differentiated rights assignment must be ensured. This is because not every user role requires access to the same data or systems. Fine-grained control of permissions reduces the risk of internal data breaches. Active vulnerability and update management is also required: both operating systems and apps must be updated regularly to close known security gaps.

The aforementioned Mobile Threat Defense (MTD) solutions such as Lookout automatically support this on iOS and Android devices and warn of exploitable vulnerabilities. Even widely used apps can have security gaps. Such risks can only be mitigated through continuous updates and MTD.
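The zero trust principle from section 1 and the measures just listed (strong authentication at registration, segmented access with role-based rights, MDM-driven update management and MTD threat signals, plus the BYOD/COPE separation) all come together in a single access decision. The following Python script is an added illustration and not code from the article or from any of the products it names; the roles, segments, thresholds and device records are constructed for the example, and in practice the posture data would come from the MDM inventory, the identity provider and the MTD feed.

```python
"""Zero-trust access decision for a mixed Windows/macOS/iOS/Android fleet.

Added example, not the article's or any vendor's code. Everything below is
a constructed policy: roles, segments, the 30-day patch threshold and the
device records are hypothetical. Each request is evaluated on its own
("never trust, always verify"); a non-compliant device is quarantined and
stays blocked for every later request until it is remediated.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# MFA methods counted as strong at registration (authenticator app, biometrics, hardware key).
STRONG_MFA = {"authenticator_app", "biometric", "hardware_key"}

# Least privilege: each role may reach only its own network segments (hypothetical roles).
ROLE_SEGMENTS = {
    "finance":    {"general", "finance"},
    "hr":         {"general", "hr"},
    "it_admin":   {"general", "finance", "hr", "admin"},
    "contractor": {"general"},
}

MAX_PATCH_AGE_DAYS = 30  # assumed update-management policy


@dataclass
class Device:
    device_id: str
    os: str
    mdm_enrolled: bool
    patch_age_days: int
    mtd_threat_detected: bool
    ownership: str            # "corporate" (COPE) or "personal" (BYOD)
    quarantined: bool = False


@dataclass
class Request:
    user: str
    role: str
    mfa_method: Optional[str]
    device: Device
    resource_segment: str


@dataclass
class Decision:
    allowed: bool
    reasons: List[str] = field(default_factory=list)


def posture_problems(d: Device) -> List[str]:
    """Compliance checks an MDM/MTD integration would report for the device."""
    problems = []
    if not d.mdm_enrolled:
        problems.append("device not enrolled in MDM")
    if d.patch_age_days > MAX_PATCH_AGE_DAYS:
        problems.append(f"patches older than {MAX_PATCH_AGE_DAYS} days")
    if d.mtd_threat_detected:
        problems.append("MTD reported an active threat")
    return problems


def evaluate(req: Request) -> Decision:
    """Allow only if MFA is strong, the device is compliant, and the role and
    ownership model permit the requested segment. Reasons list every failure."""
    reasons = []
    if req.mfa_method not in STRONG_MFA:
        reasons.append(f"MFA missing or weak: {req.mfa_method}")

    problems = posture_problems(req.device)
    if problems:
        req.device.quarantined = True  # automatic quarantine until remediated
    if req.device.quarantined:
        reasons.append("device quarantined pending remediation")
        reasons.extend(problems)

    if req.resource_segment not in ROLE_SEGMENTS.get(req.role, set()):
        reasons.append(f"role '{req.role}' may not access segment '{req.resource_segment}'")
    # BYOD separation: personal devices are confined to the general segment (assumed policy).
    if req.device.ownership == "personal" and req.resource_segment != "general":
        reasons.append("personal (BYOD) device limited to the general segment")
    return Decision(allowed=not reasons, reasons=reasons)


def run_demo():
    """Constructed sample requests; returns (allowed, reasons) per request."""
    corp = Device("corp-01", "Windows", True, 5, False, "corporate")
    byod = Device("byod-02", "Android", True, 3, False, "personal")
    stale = Device("corp-03", "iOS", True, 45, False, "corporate")
    requests = [
        Request("alice", "finance", "authenticator_app", corp, "finance"),  # allowed
        Request("alice", "finance", "password", corp, "finance"),           # weak MFA
        Request("bob", "contractor", "hardware_key", byod, "finance"),      # role + BYOD
        Request("carol", "hr", "biometric", stale, "hr"),                   # unpatched -> quarantine
        Request("carol", "hr", "biometric", stale, "general"),              # still quarantined
    ]
    results = []
    for r in requests:
        d = evaluate(r)
        results.append((d.allowed, d.reasons))
        print(f"{r.user:6} {r.device.device_id:8} -> {r.resource_segment:8}", "ALLOW" if d.allowed else "DENY", d.reasons)
    return results


if __name__ == "__main__":
    run_demo()
```

The point to notice is the fourth and fifth requests: once the MDM posture check fails, the device object is marked quarantined, so the later request for the low-sensitivity general segment is still refused. That is the "automatically quarantined" behaviour from section 2, and it is what keeps a compromised BYOD or COPE device from being silently waved through on the next login.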

Diversity, networking and expertise

Secure, heterogeneous networks are not a contradiction in terms, but rather a convergence of technology, strategy and the human factor. Decision-makers are well advised to focus on security by design. This means that security policies and access rules must be consistently and systematically automated, role-based and embedded in the architecture in a manner appropriate to each environment from the outset.

This approach ensures that requirements such as access rights, compliance and segmentation are taken into account during the design of the infrastructure and processes, rather than retrospectively. This allows policies to be implemented dynamically across platforms and security standards to be automatically maintained even when changes occur, such as new devices or locations. Otherwise, numerous risks arise: companies are vulnerable to security breaches because access rights and segmentation are often implemented in a patchy and inconsistent manner.

Retrospective integration often leads to compliance problems and makes it much more difficult to securely integrate new devices, locations or working methods. In addition, the effort and costs of retrofitting and patching increase enormously, while the attack surface and potential for damage grow unchecked. Security concepts should therefore be continuously reviewed and further developed in collaboration with customers. This should not only address current threats, but also respond flexibly to new attack vectors. The key is a combination of clearly defined guidelines, consistent device management and protection with the right technologies for the respective environment, and intelligent security management. This allows distributed and mobile working environments to be designed in a way that is both flexible and secure.

People remain the biggest weak point

However, technical security is only part of the solution. Around 80 per cent of attack scenarios exploit the human factor. Continuous awareness training on social engineering, phishing and the secure use of end devices is therefore essential. This includes role-specific training for IT and business users, simulated attack exercises and reporting functions, and regular updates on new risks and best practices.


Published in IT Magazine 11/2025 on 3 November 2025

The National Centre for Cyber Security (NCSC) provides information on current threats, preventive measures and strategies for greater network security in hybrid and mobile working environments in Switzerland.