Time to Rethink Mobile Security

Today’s mobile enterprise calls for a complete rethink of security. Not only do your people want access to email, they also need to use Windows, Web and native mobile apps, accessing data in the cloud, in the data center and on their devices.  And of course, they want to use their own mobile device. All these new mobility requirements are coming into play against a backdrop of security threats that are steadily increasing in number and sophistication.

To enable both productivity and security for your users, mobile applications must fit into a flexible, easy-to-use mobile workspace that has been architected with security in mind. Foremost are three issues: Data at rest, data in use and data in transit.

• Data at rest: Data must be protected, whether it is on a mobile device or in the data center. You can use Citrix application and desktop virtualization to ensure employees can access data from anywhere, while it never actually leaves the data center. Citrix ShareFile is another key element. It enables users to synchronize their data so it is always available, whether at rest within the data center or on their devices where it is encrypted.

• Data in use: From time to time, employees may copy and paste proprietary content into unprotected email systems. Leading MAM solutions, like Citrix XenMobile, can prevent copy and paste entirely, or only allow it across company-wrapped applications (those applications to which XenMobile encryption and security policies have been applied). Similarly, XenMobile includes controls that restrict the opening of documents to company-wrapped applications. It can also restrict use of an application to the company network and can restrict inter-application access.

• Data in transit: Virtual Private Networks (VPNs), which establish encrypted tunnels, have long been a mainstay of secure remote data access. XenMobile Micro-VPN implements secure tunneling on the application level, rather than the device level, allowing for more flexible and granular access control. The Micro-VPN administers mobile access polices for the application, providing users with the specific data they need. As an added benefit, Micro-VPN technology includes compression algorithms for rapid data transmission. ShareFile plays a role here too. Because it’s integrated with directories as well as governance and compliance policies, it is able to automatically control access to shared files.  A complete mobile strategy also includes a secure application firewall, performing numerous security checks at the edge egress point. With Citrix, this is done through NetScaler (more of this in another blog entry).                                                     

By using the Citrix Worx App SDK – part of XenMobile –  developers (and administrators for that matter ) can enable applications to be secure, whether data is at rest, in use or in transit. Using the SDK, they can add critical XenMobile features like data encryption, password authentication or application-specific Micro-VPN capabilities to iOS and Android applications. In fact, many developers have been hard at work doing just that. Check out the Worx App Gallery to see what’s available.

When the applications your company’s employees are using are built to work within a mobile workspace that is architected with comprehensive security, you are well on your way to enabling the new mobile enterprise.