Wednesday, September 21, 2011

How Will We Keep Them Down on the Farm

Forrester research published a study showing 59% of the companies in a recent survey are now permitting employees to bring their own devices to work. This is great news for the employees who love their iPads, iPhones, Android or Windows Mobile devices. They will now be allowed to use them freely in the work place. This is bad news for IT departments everywhere who have to support employee owned devices and deal with the associated security and data control issues. This is especially bad news for RIM who used to have the lock on the corporate market.

The big problem is how to isolate and protect company information without having to install special software and configure every employee's device. It is critical to be able to protect and even delete company confidential data should the device be lost or stolen, or when an employee leaves the company. This is what makes the RIM devices so attractive. They can be remotely managed from a special server call the Blackberry Enterprise Server. The BES enables total control over access to data, email and other functions putting governance in the hands of the company administrators.

MDM (mobile device management) is a whole class of sofware solutions designed to allow for remote management of other handheld devices. They are offered by the carriers, telephone expense management services, independent software providers and others. Most target Windows Mobile or Android devices and a few even handle Apple IOS (iPhone, iPad.) They try to provide the same capabilities as the BES.

There are two basic approaches taken. One involves the complicated technique of virtualization. This simply means the smart phone or tablet device will be loaded with special software that creates a little make believe computer in which the company applications and data reside. When this "virtual machine" is gone, all proprietary information is gone as well. As you can imagine, this is very effective but places a significant load on the device which can lead to poor performance.

The alternative involves partitioning the device so personal data and company data are stored separately. It's like having a special cabinet where you keep important materials. Any data obtained from the company is automatically stored in this special area, secured through encryption and can be wiped remotely.

This week I attended the Cresting Wave Technology Showcase and had the opportunity to meet with a representative of a number of new hardware and software solutions. RAPshere is responding to this new "bring your own device" trend by offering a simple, effective MDM solution. Although it hasn't been released yet, it will likely receive a warm welcome in the corporate world. It is delivered OTA (over the air) meaning it is pushed to the device without having to physically touch it. It will work on any smart phone or tablet except RIM who have their own proprietary solution. It works by encapsulating data acquired from the company while leaving the personal data untouched.

According to Ajay Arora, RAPsphere is a "next generation mobile security meets MDM solution." To do the job right requires surgical precision when separating data. They provide  "highly granular personal/enterprise isolation on devices while managing the mobile lifecycle — not just at the device level, but at the user, application, data and device level.  The new application and mobile paradigm is at the nexus of where security and mobile life-cycle management intersect:  that's where RAPsphere lives.  And that's what enterprises we've been talking [to] all agree is the solution they're looking for." RAPsphere enables the company control its information while you retain control of yours.

As our personal and business lives continue to overlap and the tools we use in both are increasingly the same, we will need more innovative approaches like these to maintain mutual privacy and security.

Captain Joe

Follow me on Twitter @JPuglisiLLC


By the way, if you find all this technology too confusing, feel free to give me a call.