Enterprise Services
Showing results for 
Search instead for 
Do you mean 

Are new management strategies the ticket for securing mobile devices?

Grantby ‎02-05-2014 09:27 AM - edited ‎09-30-2015 07:01 AM

9504_Innovation-Banner_940x240.jpg

 

By Ed Reynolds, HP Fellow, and Neil Passingham, Innovations Lead, HP Enterprise Security Services 

 

An enterprise is only as secure as its ability to manage devices and data. Yet it now appears that the secret to success is letting go of the notion to control the devices, and instead concentrate on finding new ways to manage the sensitive information that those devices can access.

 

The question is no longer whether or not BYOD should be allowed in the enterprise, but how to make the most of the proliferation of devices. Each individual brings certain expectations about the experience they have with their device, and that experience should not be limited by the IT department without reason. When we look at how to manage the applications and data that employees access with those devices, we can begin a new, more relevant dialogue about enterprise security.

 

Creating guidelines

Security.jpgOne of the most difficult aspects of data management is keeping track of information left on a device that is no longer being used. Too often, there is no system for deleting information, so when someone upgrades to a new device, that original device – which is still active – becomes a liability in the event it is lost, stolen, or inadvertently discarded.

 

Circumventing this problem is going to require that enterprises begin establishing guidelines for removing stale devices. Obviously, this is a huge undertaking, but it is required to ensure secure operations.

 

Hand in hand with this strategy should be the process of periodically re-evaluating credentials for each device. This requires extra work both from IT and device users, but it is a requirement to safeguarding the enterprise as this access control is arguably the most significant defense against intrusion.

 

Split personalities in the enterprise

As the lines between work and life blur, and devices become the bridge that connects the two, a new need for separation and containment of information is more urgent. Emerging technologies allow for virtual “containers” to separate the corporate information from personal information, and it will be imperative that enterprises adopt this separation and containment approach.

 

This gives each device a “split personality” of sorts, allowing for the enterprise to lock down and encrypt information that employees can access and be productive with – while at the same time not compromising their ability to use that same device to access their music, games, or personal information.

 

Creating a successful data-device-application strategy depends upon each organization’s ability to set the right priorities for what their enterprise needs, and then build in security features accordingly. There will never be a one-size-fits-all answer to this question, and each enterprise needs to determine such things as:

  • How information will be classified
  • How employees will be granted access to that information
  • How devices will be managed – and over what time period they will be used

Today there are many considerations for devising a strategy, and there are no easy answers. But developing guidelines now is crucial and is the only way to protect the enterprise of the future.

 

Learn more about topics important to enterprise security and productivity. View the recent webcast, The New Style of IT: Four ways to thriveand join the discussion at HP Innovation INSIGHT LinkedIn group.

 

About the authors 

 

Reynolds.pngEd Reynolds is an HP Fellow and a chief technologist for HP Enterprise Security Services. Ed’s focus is on security strategy and innovation. He leads initiatives addressing enterprise cloud security and information-centric security.

 

 

 

 

 

 

NeilPassingham.pngNeil Passingham is Enterprise Security Services’ lead for innovation and a cloud security specialist. He pioneers consultancy-based services around enterprise-wide security including cloud and mobility, and  contributes to security research.

 

0 Kudos
About the Author

Grantby

I've devoted more than a decade to writing about technology products, solutions and services.

Events
Aug 29 - Sep 1
Boston, MA
HPE Big Data Conference 2016
Attend HPE’s Big Data Conference on August 29 - September 1, 2016 to learn from peers in every industry and hear from Big Data experts and thought lea...
Read more
Sep 13-16
National Harbor, MD
HPE Protect 2016
Protect 2016 is our annual conference on September 13 - 16, 2016, and is the place to meet the world’s top information security talent, discuss new pr...
Read more
View all