Comments
Keep Data Off Mobile Devices & Away From Adversaries
Threaded  |  Newest First  |  Oldest First
WKash
50%
50%
WKash,
User Rank: Author
11/27/2013 | 1:31:24 PM
Data vs Devices
The sooner we move to thin client smartphones the better.
danielcawrey
50%
50%
danielcawrey,
User Rank: Ninja
11/27/2013 | 3:09:00 PM
Re: Data vs Devices
I think this is a great idea. It's a much better option than MDM. While I like MDM for a lot of reasons, I long have thought that it did not do enough to stem some of the serious and critical issues that could arise from a potential data leak. 
WKash
50%
50%
WKash,
User Rank: Author
11/27/2013 | 3:18:56 PM
Re: Data vs Devices
I suspect the tendency for IT folks to manage assets makes it easy for MDM vendors to pitch device management tools when what we really need is for devices to show us a picture of what's on a secure, remote server in the cloud so we see what we need to on our device, and intereact with the server, without actually putting data at rest on our devices. 
asankar
50%
50%
asankar,
User Rank: Apprentice
12/2/2013 | 5:45:44 PM
Re: Data vs Devices
We are seeing the same sentiments with a wider audience as MDM starts to get used more.  MDM does have its merits and is needed but the technology may have been oversold on its capabilities.
David F. Carr
50%
50%
David F. Carr,
User Rank: Author
11/27/2013 | 3:34:38 PM
Re: Data vs Devices
Except that complete virtualization = 100% dependence on the network, and offline access is one of the things users prize most about their mobile devices. I don't see users surrendering willingly to this tech imperative until the last mobile data dead zone is wiped from the face of the earth.
J_Brandt
50%
50%
J_Brandt,
User Rank: Ninja
11/27/2013 | 4:55:27 PM
Re: Data vs Devices
I'm with @David.  Full mobile virtual or thin client is a step forward because for some data it's ok to have 100% on the remote network, for other data it is not.  I'm old school enough that I don't want to give up total control and ownership of my stuff.  I WANT My data locally.  Enterprise security needs to revolve around the data and that's going to cost us some convenience.  I don't think IT is going to be able to "relax" anytime soon though.
jgherbert
50%
50%
jgherbert,
User Rank: Ninja
11/28/2013 | 12:51:51 AM
Re: Data vs Devices
Regardless, if data does need to be cached in any way on the device, we need encryption on the storage. The problem is that you really don't want to mix corporate and personal data.

 

I'll re-suggest an idea I've thrown out there before, but I really think at some point we're going to see virtualized cell phones and mobile devices, where there can be a corporate VM and a personal VM, with a hypervisor smart enough to allow phone calls etc to be routed through to appear on the active VM, and to provide notifications from either one. That way corporate can encrypt "their" VM and storage, it can require higher security, have remote wipe and all the things corporate likes. Meanwhile the personal VM is isolated from the work VM and can have pictures of cats on it, a shorter PIN, and so on.

 

Thin client is cute, and in some cases perhaps essential, but highly impractical in many instances when it's the only way to work.
Shepy
50%
50%
Shepy,
User Rank: Apprentice
11/28/2013 | 7:19:52 AM
Re: Data vs Devices
"I'll re-suggest an idea I've thrown out there before, but I really think at some point we're going to see virtualized cell phones and mobile devices, where there can be a corporate VM and a personal VM, with a hypervisor smart enough to allow phone calls etc to be routed through to appear on the active VM, and to provide notifications from either one. That way corporate can encrypt "their" VM and storage, it can require higher security, have remote wipe and all the things corporate likes. Meanwhile the personal VM is isolated from the work VM and can have pictures of cats on it, a shorter PIN, and so on."

There is kind of a hybrid of that happening already with the guest mode in android multi-user devices, allowing a locked down more secure version for when you pass the device to a friend.
shamika
50%
50%
shamika,
User Rank: Apprentice
11/30/2013 | 10:29:12 AM
Re: Data vs Devices
Data must be protected in order to maintain the integrity and confidentiality of people hence necessary control measures has to be taken to prevent any data loss.
asankar
50%
50%
asankar,
User Rank: Apprentice
12/2/2013 | 5:55:02 PM
Re: Data vs Devices
On J_Brandt's and David Carr's comments:

Yes, control is an issue - both from the user and corporate ends - and that is probably why BYOD is still having trouble taking off.  In this case we are talking about sensitive and classified data.  Many in the federal government, especially in DoD, are warming to the concept of mobile thin clients given the sensitive nature of data.  I guess for personal data, based on your risk tolerance, you may be comfortable with local data but do the same rules apply for PII or classified data that is mission critical?
SaneIT
50%
50%
SaneIT,
User Rank: Ninja
12/2/2013 | 10:00:42 AM
VDI and data security
VDI will go a long way to address most of the issues of mobile device data leaks but the problem is that a fast, reliable and trusted VDI solution has to be built first.  Right now the average office worker can sign up for Google Drive or Dropbox in under 2 minutes and start syncing data between a handful of devices keeping local copies where they want.  Anyone that I talk to about VDI is all for it and loves the concept but those who have implemented and are using it successfully are harder to find.  
asankar
50%
50%
asankar,
User Rank: Apprentice
12/2/2013 | 5:59:16 PM
Re: VDI and data security
SaneIT:

Your comment is very valid.  As clarification, we are referring to virtualizing native mobile applications and not a desktop environment.  We are already seeing solutions that are very close to local performance for email access, document review and video rendering.  It is only a matter of time and don't believe it is too far off.
SaneIT
50%
50%
SaneIT,
User Rank: Ninja
12/3/2013 | 7:18:50 AM
Re: VDI and data security
Actually I'm referring to both but yes virualizing mobile apps in a safe sandboxed VDI solution would address a large number of the mobile security concerns out there.  MDM solutions are still around but mobile devices are tough to manage in general.  Moving those apps to an environment that you can work with and tighten controls on removes enough obsticles to security that it's worth a look for those who need to lock everything down.  
asankar
50%
50%
asankar,
User Rank: Apprentice
12/5/2013 | 11:39:25 AM
Re: VDI and data security
Actually, the VMI - hosting the native mobile apps offers a better experience than VDI on a mobile device given the relative 'weight' (less) of the mobile application.  That is important since the primary driver behind device adoption is the user experience.  People should be careful not to evaluate VDI on a mobile device and think that would be the same with VMI.  Also VDI is just windows desktops and organizations are slowly discovering that wrapping and other means to optimize them for mobile may not be the best approach compared to native mobile app development.
Stratustician
50%
50%
Stratustician,
User Rank: Ninja
12/2/2013 | 7:41:09 PM
Cloud access, not mobile storage
I absolutely agree that one of the easiest ways to help reduce this threat is to leverage virtual desktop technology.  The key is to keep data residing off the device, ideally in a cloud location, and accessed remotely, with no footprint left behind.  In addition, looking at strategies such as whitelisting files for how they can be accessed, used and stored, could go a long way to ensuring data is protected when accessed remotely, and eliminate a lot of the BYOD headaches that come from ensuring secured access to resources.


The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.