Is Trust the Missing Component in Your BYOD Strategy?
Posted on February 03, 2015
Sanjay Gupta, Vice President of the Fusion Middleware group at Oracle India, recently took to the pages of India's Business Today to opine that the biggest ongoing problem most enterprises have with employee-owned devices boils down to the lack of mutual trust.
"When it comes to company culture, BYOD will only flourish in companies where trust is absolute," Gupta wrote. "Business executives need to be able to have complete confidence in their IT department and the technology framework they have in place to secure employee devices. Employees, meanwhile, need to rest assured that their device cannot compromise the enterprise and that, conversely, their own private data cannot be viewed by anyone in the business. This is a two-way street of course."
So how do you create a corporate culture where this kind of trust exists" Jared Hansen, CEO of secure mobile printing leader Breezy, says that it starts with understanding that trust is never freely given in the workplace " it has to be earned. "I think the key is recognizing that device owners " your employees, contractors and other authorized network users " have a reasonable expectation that their personal data won't be erased or viewed by the company except in clearly defined circumstances. In exchange for this reassurance, they are willing to allow the company to manage the device's identity and applications, and to follow security procedures that protect company data."
When top management trusts IT, employees trust the company, and IT trusts the technology being used to secure company data and the employees whose behavior can be the most important factor in maintaining that security, all of the pieces fit together. "It's a little bit like the Cold War definition of international security," Hansen says. "Trust, but verify. In other words, you work to build a climate of trust where employees are willing to come forward when there is a potential data breach, but at the same time you deploy the monitoring and management tools required to ensure compliance with corporate security policies."
Citrix: 10 Must Have Mobile Security Components
Building trust starts with communication and training, but the key is a security infrastructure that secures company data without placing an undue burden on individual employees. Breezy's partner, Citrix, published a white paper that lists the 10 components such a mobile security infrastructure must have, and a secure system that protects employee privacy is near the top of the list. It's available for free download at this link.
- Can I manage any BYO or corporate device? Many enterprises require foundational device management. They need to centrally configure device security elements such as passcodes and encryption and detect and block non-compliant devices, such as ones that are jailbroken or have blacklisted apps installed. They require the ability to decommission devices when they're lost or stolen, or when a user leaves the organization. Because an increasing number of organizations have both user-owned (BYO) and corporate-issued devices in their environment, the solution should let IT designate ownership easily and set policies and practices accordingly.
- Can I secure and manage any mobile or web app" Apps are diverse and don't share common security frameworks. IT needs to centrally secure any mobile or web app or intranet by applying access policies, secure connectivity and data controls to them during or even after the development process.
- Can I give my users secure alternatives to their killer productivity apps without sacrificing user experience? What about the killer productivity apps that mobile users need to get their jobs done " email, web, and data access" Users" default position is to use the native app or the app they're used to. But what if enterprises could provide users with a sandboxed, yet stunning, alternative to the native email client, browser and file-sharing tools they know and love"
- Can I offer secure mobility and protect user privacy? While many organizations choose to solve their mobile challenges with a full-stack enterprise mobility management solution, organizations subject to stringent user privacy rules may opt for a lighter-weight approach. This could mean deploying only an email client or secured app to the device. The solution should be flexible enough to enable either scenario or a mix, say for a global enterprise that wants to manage devices for its U.S. employees but only provide a sandboxed email client for its German personnel.
- Can I give my users SSO and make any app available on any device? Single sign-on (SSO) is one of the few security features that provides something for everyone. IT can provision and de-provision apps more easily and ensure mobile app access for terminated employees is de-activated immediately. Users get simple access without having to authenticate on a small screen. This is a must-have for any mobile enterprise. If the enterprise is truly going mobile, chances are IT will need to provision not just mobile apps, but web, SaaS, Windows, and data center apps as well. IT needs to make them available all in one place: a unified app store.
- Can I provide scenario-based network access? With the array of mobile devices accessing the network, IT needs to define comprehensive access and control policies using endpoint analysis and user roles to determine which apps and data to deliver, and what level of content access to provide.
- Can I let my users access their content while still protecting data? Mobile users need access to corporate content, but there is a dearth of tools that allow IT to manage this access and control data. Whether content resides in Microsoft SharePoint or in a data sharing & sync app, IT should be able to set and enforce data policies that dictate what users can and can't do with the content " save, email, copy/paste and so on.
- Can I be flexible, providing the right security for the situation? Similar to the challenge of balancing security and privacy is the need to apply the right security for the situation. IT needs flexible solutions that support a "good-better-best" approach to security, making the right tradeoffs between security and usability.
- Can I integrate mobile with existing IT resources? IT understands the security hazards of technology silos. Enterprise mobility solutions should easily "snap" into the existing IT environment. This means direct integration with enterprise directories, public key infrastructure, corporate email, access technologies such as WiFi and VPN and virtual desktops and apps. It also means integration with Security Information and Event Management solutions and log management systems so IT can report on mobile alongside other infrastructure.
- Is your architecture secure, scalable, and highly available? Enterprise mobility management solutions must be enterprise-grade. This means that they are architected to keep sensitive user data behind the firewall, not exposed to the Internet. It means that organizations can grow their deployments without increasing complexity. It also means that industry-standard high availability configurations ensure system failover and straightforward failback should the technology fail.
Breezy's secure mobile printing technology is fully integrated with EMM providers like Citrix and many others, and can add an extra layer of protection to the mobile devices that connect to your network or store your data. For more information on mobile device security and secure mobile printing, watch this video from Breezy, download The Definitive Guide to Mobile Printing, a free ebook, or click here to schedule a Breezy demo now.