New technologies to help prevent BYOD misuse in enterprises

by Ankita Mohinta    Jul 24, 2013

mobile security

Mobile security has been on the news for all the wrong reasons lately. A report sponsored by EMC, VMware, Cisco, and Carahsoft early this year suggested that federal employees in the US were using personal devices for work and personal entertainment. While BYOD is gaining momentum, the security risks associated with BYOD are not yet under lock down. More than 85 percent respondents in the survey, admitted to downloading apps to their smartphone or tablet which was used by them at federal space. The report says that storing work e-mail on devices with lack of password protection can expose the device to open risk.

In India too BYOD is becoming popular in most enterprises. However, the same problem of security persists. The biggest hurdle for mobile security issues is the presence of weak encryption standards and non-use of mobile cyber security mechanisms. Steve Ragan, in an article on networkworld.com, has opined that the new technologies introduced by the big players like Samsung and Apple will bring in change in  mobile security. David Goldschlag, the CEO of MobileSpaces, a start-up that focuses on securing both private and public apps on mobile devices has said in an interview that it’s a good thing that companies like Apple and Google are meeting the requirements of mobile security that was set once by Blackberry.

“The mobile world has shifted from being email oriented to a more app centric user experience. With that comes increasing IT requirements for data protection against leakage and loss, because richer corporate data now resides on the mobile device that is of higher value and of higher risk than just email,” Goldschlag explained.

Samsung in their bid to secure mobile security is offering a solution called KNOX which will help prevent security leaks. Although this is a step forward when it come to securing mobile devices, the whole systems till lacks maturing in comparison to desktops and servers.

According to Swarna Podila, the Senior Manager for the Enterprise Mobility Group at Symantec, there are two ways to security mobile networks. One is protecting data at the device level and the second is protecting it at the app level. At the device level, tools like MDM can be used but results in heavy footprint on devices, whereas sandboxing can be used for app level security.

Those other strategies include mobile application management (MAM), which addresses the limitations of sandboxes while still meeting corporate security needs. MAM technology allows companies to wrap their corporate apps and the data tied to them in their own security and management layers.

However according Podila, the key is to find a right balance between employee freedom and enterprise security standards. For Government security, the issue of mobile security is more important due to the sensitive nature of the data.

It remains to be seen what India will do about mobile security in future. India still doesn’t have proper infrastructure, legal framework, policies and strategies and most importantly expertise to implement e-governance infrastructure. Maybe, with the introduction of new technologies by the big players in the mobile vendor segment, things will change and usher in a new era of mobile security standards.