Given today's devices and corporate data accessed with them, tablets in particular need more than application-level policy enforcement.
The mobile device management (MDM) market has seen impressive growth in the last several years, but those specializing in data management are finding opportunities as employees lean on tablets for work. Enterprise requirements are quickly expanding to consider data protection in addition to baseline device controls.
Data protection is particularly important when addressing the security concerns that arise from the corporate use of tablets because of their utility as both data display (e.g. sales presentation) and data collection (e.g., health care providers collecting patient data) tools.
From a security perspective, traditional baseline requirements at the device level are well understood (e.g., passcode management, encryption, remote wipe) and are being addressed competently by vendors in the mobile device management market.
However, these are very coarse-grained controls when applied at the mobile device level. Given today’s devices and implementations, tablets in particular need to be augmented with application-level policy enforcement.
This is particularly true in environments that allow bring-your-own-device (BYOD). Look no further than the requirement to keep corporate and personal data separate on tablets and other mobile devices. This helps workers understand the need for a richer set of privacy, security, and compliance controls.
Unfortunately, mobile device management is typically too blunt an instrument for this requirement and this has led to a truly impressive degree of energy going into technical schemes to support the separation of work and personal activity on mobile devices.
These approaches include: a new class of secure enterprise-grade mobile apps; sandbox/container products that wall-off corporate apps from personal apps; client virtualization products that similarly split devices into corporate and personal domains; and application wrappers providing code libraries that can be used to “wrap” existing apps with additional security features.
The big - and honestly wide open - question is “Which of these techniques will prevail?” Regardless, IT and security teams need to find ways to reward the types of safe employee behavior administrators used to simply mandate, back when enterprises typically owned all the devices. Employees also need to be cognizant of their crucial role in mitigating mobile devices’ inherent risks and understand that this isn’t the “Wild West.”
Since corporate controls are required on the business “side” of every device, mobile security vendors also need to deliver products and services that don’t make this requirement too onerous for employees.
In general, technologies that respect and understand the end user experience win out in the new “Consumerization of IT” world in which we live. And, that is as it should be.
We should all be working to keep employees as productive and security-conscious as possible. The products that will ultimately win in the market will be those that find a way to deliver the management and security controls over corporate data that organizations require, while being minimally invasive for employees.
IT and security groups need to help steer employees to make smart choices with regard to the use of tablets and applications while providing employees with enough choice to keep them happy and productive.