Mobile Device and Access Management

Cloud Mobile Device

CIOs are stuck between a rock and a hard place as demand for cloud applications and flexible mobile device programs have become the norm for most organizations. How do regulated industries such as finance and healthcare navigate these dangerous waters? Cloud and mobile are inseparable trends – cloud apps are built to enable access from any device and most have a mobile application component. With the traditional approach to BYOD security (mobile device management and mobile access management) IT can’t control data flows or wrap cloud apps on unmanaged devices.

byod

IT no longer owns or manages the apps, the devices, or the underlying network infrastructures, yet is still responsible for securing sensitive corporate data. A new approach is needed, a data-centric approach to security built for this new way of doing business. Data-centric security enables enterprises to adopt the cloud apps that their business needs, securing corporate data anywhere it goes—from cloud to device. This article will discuss some of the challenges organizations face in securing BYOD and the cloud and the importance of data-centric security for controlling data flow to the device.

MDM is not working due to privacy concerns

According to a cloud-based analysis of real-world traffic data from 113,000 organizations and more than 20 industry verticals, cloud application adoption across all industries increased more than 71 percent in 2015. Cloud adoption in regulated industries experienced stronger-than-anticipated growth, up from 15 percent in 2014 to 39 percent in 2015.

Based on two surveys examining 2,242 end users and mobile security administrators, a little more than a third (36 percent) of enterprises use MDM solutions. Only nine percent have deployed MAM. For some, the solution has been to gamble with their security. 28 percent of organizations are doing nothing to protect corporate data on mobile devices. 57 percent of employees, and 38 percent of IT professionals are choosing not to participate in their company’s BYOD program because they don’t want their employer’s IT department to have visibility into their personal data and applications.

How data centric approach provides security as data travels from cloud to device

centric BYOD security solutions work entirely in the cloud – with no agents or software installed on the end-user’s device. By proxying traffic between BYOD devices and corporate apps, these solutions are able to embed security into the data itself, eliminating device and operating system dependencies and alleviating employee privacy concerns.

In a cloud app context, these solutions apply controls in three main areas:

  • At Access—Data centric BYOD solutions allows you to quickly define group and location-based access control and data leakage prevention policies, putting you in control of who, what, where, and when employees access cloud apps from any device. For example, you might want to provide full access to office 365 from corporate-owned devices, but email only (no OneDrive file sync) from employee-owned devices.
  • On the Device— Secure mobile data without installing MDM software on mobile devices or tracking employees’ personal information. These agentless solutions enforce security policies like PIN code and encryption, and if a device is lost or stolen or an employee leaves the company, you can selectively wipe corporate data. Unlike MDM/MAM, data-centric mobile security has no OS dependencies and works across cloud apps, such as Office 365 and On-Premises apps like Exchange.
  • In the Cloud— Many employees will share corporate files to their personal accounts in order to access data from personal devices. Data-centric solutions provide visibility and control over external sharing to control this unexpected form of BYOD access.

What data centric means for regulated industries

Data-centric security allows regulated industries to adopt BYOD and the public cloud without running afoul of compliance mandates. It provides policy-based controls for risky activities like external sharing and BYOD download and sync, ensuring that regulated data doesn’t unnecessarily make its way outside the company. Detailed transaction logging possible with data centric solutions provide detailed visibility and audit trails across all cloud applications, so that audits and investigations are a breeze.

Moreover, independent professionals, such as healthcare workers with multiple hospital affiliations are able to participate in BYOD, even if they don’t want IT to manage their device. Data on lost and stolen mobile devices is protected via OS-level encryption, PIN requirements and remote wipe capabilities.

Conclusion

Organizations are rapidly migrating to cloud applications and must securely enable BYOD access to these apps. Traditional BYOD security methods (MDM/MAM) haven’t been able to adapt to the unique challenges of cloud applications. Data-centric solutions represent the path forward for BYOD in the enterprise, future-proofed for the move to the cloud.

###

Rich CampagnaBy Rich Campagna, VP Product, Bitglass

Rich drives product management at Bitglass. Prior to becoming an integral team member at Bitglass in April 2013, he was senior director of product management at F5 Networks, responsible for access security. Rich gained valuable experience in product management and sales engineering at Juniper Networks and at Sprint before working at F5.

Data Web Accessibility

Protecting Yourself from the Rise in Ransomware this Holiday Season

Rise in Ransomware The Baltimore Public Schools system was already dealing with pandemic learning conditions when it was hit by a ransomware attack the day before Thanksgiving. School officials were calling it a "catastrophic attack ...
Patrick Joggerst

From Virtualization to Cloudification: Transforming Networks, Now What?

Virtualization to Cloudification As we head into the next decade of telecommunications network technology transformation, we find ourselves at a pivotal moment as the era of virtualization becomes the new era of cloudification. Real-time communications ...
Madhaven Krishnan

Steps To Achieve Hyper Productivity With Your Digital Apps Development

Achieve Hyper Productivity The mobile and cloud revolution in enterprise IT is well underway and is already causing never-before--seen changes in the way apps are developed, managed and transformed. The driving factors behind these changes ...
Printing Industry

How to Choose the Right Cloud Printing Solution for Your Business

Cloud Printing Business Solutions The demand for cloud printing is primarily driven by the overall organizational benefits of Software as a Service (SaaS) portfolio. The expectation of flexibility in workplace tools, of plug-and-play solutions for ...
Gary Bernstein

How IoT (Internet of Things) Cloud Services Stack Up Against DIY

How IoT Cloud Services Stack Up Against DIY The ever-increasing mass adoption of IoT devices is leading to a consistent rise in the data generated through these devices. Large corporations are cashing on this opportunity ...
Images Spy

Tech Censorship Is Dangerous, But Micro-targeted Adverts Are Worse

There’s been a lot of focus over the last few months on freedom of speech and censorship online. What began with Alex Jones and David Ike a number of years ago has morphed into bans ...