Mobile devices are the mighty double-edged swords of today’s workplace. On the one hand, they provide greater integration of information, on the other, they could be your business’s one-way ticket to a catastrophic security breach. This week we had the amazing opportunity to speak with Anthony Kinney, Microsoft’s Verizon Partner Manager, about mobile security and the ways to mitigate data risk in a BYOD environment.
According to Kinney, the three main security risk areas associated with BYOD are:
We asked Kinney what Microsoft is doing to make sure that moving to a pocket office doesn’t mean introducing security risk. He discussed how our multilayered approach to security makes adopting a BYOD policy far less of a risk, with solutions like Secure boot technology, remote “wipe” capabilities, and automatic cloud storage (among other security solutions).
What makes the greatest difference, however, are the actions a company takes to ensure that their data is secure. The way Kinney sees it, employees jailbreaking and rooting devices is one of the largest risk factors for companies who allow employees to BYOD. What those companies do is implement third-party services to “containerize the data,” so it never actually goes onto the local device.
According to Kinney, Windows Phone solves for this by protecting the data at the data center level before it even gets to the device. This means each document can have specific edit/view/share settings so that when it’s accessed on a mobile device it can’t be ‘saved as’ or forwarded to another cloud service, depending on what the settings permit. This way the phone fully understands the corporate policies on the document, helping IT to provide security—even at the file level.
This level of device integration with your data allows your company to consider a BYOD or CYOD policy without the need for third-party security solutions—which themselves offer another point of potential failure and risk. By working with your existing desktop OS, email, and other systems, the native Windows Phone OS helps mitigate data loss risk for your pocket office by preventing it in the first place.
The security issues and IT management headaches (how do I support all those devices?) of BYOD can be addressed by using HTML5 technologies that enable users to connect to applications and systems without requiring IT staff to install anything on user devices. For example, Ericom AccessNow is an HTML5 RDP client that enables remote users to securely connect from iPads, iPhones and Android devices to any RDP host, including Terminal Server and VDI virtual desktops, and run their applications and desktops in a browser. This enhances security by keeping applications and data separate from personal devices.
Since AccessNow doesn't require any software installation on the end user device – just an HTML5 browser, network connection, URL address and login details - IT staff end up with less support hassles. An employee that brings in their own device merely opens their HTML5-compatible browser and connects to the URL given them by the IT admin.
Visit http://www.ericom.com/BYOD_Workplace.asp?URL_ID=708 for more info.
Please note that I work for Ericom