"I prefer a technology solution that focuses on protecting the company data on the device rather than trying to manage the device itself"
Ensuring that you secure the new wave of mobile devices to minimize threat, loss and overall risk
The boundaries of an organizations can no longer be clearly defined. Earlier companies used to provide a standard company owned device which was to be used for official use only. However, as smart phones and tablets got popular, most employees ended up carrying two devices, personal and company provided. Now with the Bring Your Own Device trend catching on, employees prefer to have a single device for both personal and official use.
While this provides a lot of convenience to the employees and agility to the business, it also poses serious challenges in protecting the information assets of the organization. The risk to information assets of the organization is higher than ever. Hosting of applications on the cloud makes the challenge even more complex. Companies are evaluating multiple solutions to protect the data on these devices e.g. Mobile Device Management (MDM), Mobile Application Management, Virtualization etc. However, most of these solutions do not offer comprehensive security envisaged by the organization. Some of these solutions also intrude on the privacy rights of the employee if he is using his personal device. Organizations need to evaluate what data or applications need to be made available on the mobile and choose the right technology solution to minimize the risk.
I prefer a technology solution that focuses on protecting the company data on the device rather than trying to manage the device itself. If the MDM solution enforces a password on the device, the employee is most likely to share the password with his family, and once the password is shared, then there is a high probability that the company data on the device is accessed by unauthorized users. The MDM software should create a secure container on the device which is encrypted and protected by a strong password.
In this way, the device and other apps can be accessed by other users without having to share the secure app password. The secure app should not leak any data outside the container and the only connectivity to the secure container should be via an encrypted VPN tunnel. The secure app should also allow access to office intranet portals through a secure browser and should restrict malware infections from the device. Of course remote deletion of data should be possible in case the device is lost or the employee leaves the organization.
The MDM solution must work with all the popular mobile operating systems to ensure wide acceptance by the employees. The technology solution for mobile device management needs to integrate with other security solutions like DLP, DRM, identity & access management and also must be supported by robust policies and processes. Only then, the risk to information assets can be brought down to an acceptable level.
