Enterprises Haven’t Gotten a Handle on Mobile Security

By Wayne Rash  |  Posted 2012-06-24 Print this article Print


What the chaos taught us was that business had to start taking mobile security seriously. Previously, many businesses had open WiFi access points. There were no real standards as to what could live on a phone and what couldn€™t.  

People were storing sensitive, work-related material on their iPods and nobody cared, because there were relatively few of them. But when the sales of the iPhone exploded, so did the security woes of the enterprise. Security managers finally figured out that company employees were walking around with tiny computers in their pockets€”computers that contained sensitive corporate data that could walk out the door and disappear. 

And with many companies, that€™s where we are today. The IT department is still trying to grapple with the dozens of different smart devices that show up at work on any given day. They€™re coping with figuring out what devices can be made secure, what can€™t and what they don€™t know. But with the exception of a few organizations, such as the government and financial services, BYOD has arrived. 

Now, everyone knows that BYOD is here, but far fewer have any clue what to do about it. How do you cope with all of those devices? The answer, it turns out, is that a company either embraces them in the name of employee productivity and morale (BYOD does not actually save any money and it might be more expensive than company-provided devices) or ban them entirely either in the name of security or the name of compliance. 

Some companies have no choice. I have a relative who carries a government-issued BlackBerry that he€™s required to use for his official communications. I know a number of people who work in financial services who must also carry BlackBerrys for business use. The rationale is that a BlackBerry under the control of a BlackBerry Enterprise Server environment is vastly more secure than anything else, and that€™s probably true. 

But that €œanything else€ part of the equation has changed. With the addition of third-party software from Good and others, many non-BlackBerry smartphones can be made to be very secure, at least in terms of email and enterprise apps. But beyond that, security varies depending on the user and the device. This keeps the IT department awake at night, especially when they don€™t own the phone and have only limited management ability.

But like it or not, the iPhone, and the other phones from Google and Microsoft that it inspired, are here, and they€™re here to stay. Apple started the whole thing with the iPhone, but Apple won€™t be alone in moving the trend forward.

Wayne Rash Wayne Rash is a Senior Analyst for eWEEK Labs and runs the magazine's Washington Bureau. Prior to joining eWEEK as a Senior Writer on wireless technology, he was a Senior Contributing Editor and previously a Senior Analyst in the InfoWorld Test Center. He was also a reviewer for Federal Computer Week and Information Security Magazine. Previously, he ran the reviews and events departments at CMP's InternetWeek.

He is a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine. He is a regular contributor to Plane & Pilot Magazine and The Washington Post.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel