By Jason Moody
Organizations that have adopted a bring-your-own-device (BYOD) strategy are granting employees choice and flexibility; as a result, they are gaining productivity. However, providing those benefits requires responsibility, as IT must find a way to ensure the safety of both the employees’ and the organization’s data on personal devices.
Enterprise data and applications need to be protected from personal apps and unapproved device users. Personal data needs to be safe from remote wipes that may be performed by IT. By implementing the following four layers of security, IT can ensure everyone’s needs are met:
- Secure remote access—create a private, encrypted connection between mobile devices and the corporate network. This makes information transferred over the connection indecipherable by hackers, even when the user has connected to the Internet via an unsecured Wi-Fi hotspot.
- Encryption—protect enterprise data stored on devices. The data is secure and cannot be accessed without a password for the device or corporate workspace, even if the device is lost or stolen.
- Data loss protection (DLP)—thwart any attempt by a user to transfer corporate data to the personal mobile device by saving it to a cloud app or via copy/paste.
- Firewall—prevent unauthorized mobile apps from accessing the corporate network.
The simplest way to provide these capabilities is by putting an application-based secure workspace on all personal mobile devices, enabling IT to easily allow authorized users and devices through the firewall and provide secure remote access, encryption and DLP without requiring any action by the user. Users simply download and install the workspace software from the app store, and IT is immediately in control of only the secure workspace.
A secure workspace prevents the commingling of corporate and personal information and mitigates the threat of corporate information being shared outside of the workspace or taken from the device. A complete workspace solution should provide management through provisioning of corporate data on devices, robust workspace policies and remote wipe of the workspace without touching the personal information on the device. It should also provide users with a self-service portal that makes it easy to set up the mobile device, download and configure authorized apps and provide ongoing support.
While it’s possible to provide these capabilities without using a secure workspace, this approach makes it easier for IT to deploy and manage users while making it far simpler for them to use their devices. When employees are fully educated on the benefits, the workspace can help eliminate the issue of shadow IT. Because this approach provides employees with productivity and collaboration tools, protects their privacy and keeps their personal data from being wiped by IT, they are more likely to adopt this secure technology and stop skirting IT to get what they want.
With the rise of BYOD, every corporate IT department is faced with balancing the demands of employees for more flexibility and increased productivity against the need to protect systems and data. By incorporating secure workspaces as part of mobile enablement, IT can unlock the four layers of mobile security while satisfying the needs of users, IT and compliance managers.