Download Segregation is not without its complications for BYOD

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts
no text concepts found
Transcript 
Segregation is not without
its complications for BYOD
Segregating personal and business
data on an employee’s device may
offer a relatively clean solution for
many companies
‘T
If personal data is
not secured and is
exposed when a
personal device is
lost or stolen, this
would be considered
a data-protection
incident
Brendan Fay,
Ward Solutions
risk exposure. “For example,”
said Lane, “simple things like
calendar and contacts often
are requested by some apps
as part of the permission
process when they’re being
downloaded”.
Angela Madden, managing
director with Rita Information
Security, told Connected that
when an organisation “decides
to allow BYOD” it is important
that they understand the risks,
the limitations of the controls
that technology solutions can
provide.
They must also, she said
get to grips with the extent to
which they must train and ultimately trust their employees
to abide by company policy.
“All of these must be understood and examined to ensure
that an effective BYOD strategy
is designed and implemented,”
said Madden.
hese solutions,” said
Renaissance director, Michael Conway,
“offer the most effective and,
in any sensibly thought-out
scenario, the most likely solutions to be workable.”
Conway was referring to
what some call segregation,
some containerisation and
others partitioning. All offer
largely the same idea of separating the data on an employee-owned device between
corporate data which is in a
controlled and managed part
of the phone, and the private
data of the employee.
“In reality most organisations are not as concerned
about what their employees
store on mobile devices, rather
they are concerned about the
corporate element alone.” In
addition, he said, “the individuals also don’t want their
employers to have any access
or control over the personal
data and usage”.
Sophos country manager
Dermot Hayden said segregation or containerised solutions can be “very effective”
at keeping company and personal data separate, but just
how effective depends on the
solution used and how tightly
it is configured. “There can be
a fair amount of user pushback
to installing the containerised
mobile device management
(MDM) app on their own
phones, where there can be
compatibility issues and the
need for training on use of the
new app,” said Hayden.
Hayden said that in his experience, allowing users to use
the native functionality, but
managing it tightly through
a “non-containerised MDM
solution” is a better approach,
as “full or selective wipe is still
available, but users are less impacted in their normal use of
the device, which is key”.
European product marketing manager for Canon, Francis Thornhil, l did warn though
that in most cases “users will
hate” the idea. In fact, he said,
“they will hate it to the point
where it becomes a limiting
factor for adoption and you
may well find that adoption
of the ‘official’ solution starts
to wane and unofficial solutions not incorporating data
segregation start to pop up”.
Thornhill said that unless
the work environment itself
is heavily regulated, in which
employees are used to “severe
restrictions” in terms of data
protection, it will be hugely
difficult to sway the doubters.
Shane Grennan, Fortinet director for regional accounts in
the UK and Ireland said that in
his experience the success of a
partition, container or segregation solutions may, however,
actually depend on the mobile
device in use. He said, for example that iOS-based devices
“essentially have containerisation or sandboxing built into
separate applications and resources from each other and
the operating system enforces
this”.
He added that it had always
been possible to jailbreak iOS
devices and once that occurs
the operating system can be
manipulated.
“For example, the graphical
user interface (GUI) manager
process will govern all applications and will run in a piece
of common memory. Other
mobile platforms are a little
freer in granting access rights
to applications so it becomes
tougher to control,” said Grennan.
He said that with this in
mind, “well implemented
solutions with robust products
can be very effective but as
always, for a limited window”.
Whatever solution is chosen,
he said though, “must be constantly reviewed and updated
to stay ahead of vulnerabilities
newly discovered”.
Paul Ryan, principal security as well as governance, risk
and compliance consultant for
Integrity Solutions said though
that ultimately, security issues
still remain as enterprise data
still resides on the physical device, where “malice, human
error and mismanagement can
play a big part”.
“Fundamentally, the only
safe way to manage access
to sensitive enterprise data
in terms of BYOD is to ensure access to the data can
be provided remotely and is
controlled in a safe manner
using strong encryption and
not storing data on the device
itself,” said Ryan.
Dermot Hayden,
manager, Sophos
October 2014
C-oct2014-p44-46.indd 3
|
The Sunday Business Post
|
45
30/09/2014 15:50
Related documents
On a long range segregation problem
On a long range segregation problem
Part 3
Part 3
The Industrial Revolution
The Industrial Revolution
The Policy Dimension of Race in the United States
The Policy Dimension of Race in the United States
DPI as a means of access segregation in a corporate
DPI as a means of access segregation in a corporate
Ch. 18 Sec. 1 Civil Rights in the 1940s and the
Ch. 18 Sec. 1 Civil Rights in the 1940s and the
Chapter 21 Section 3: Challenge and Changes in the
Chapter 21 Section 3: Challenge and Changes in the
The Industrialized Democracies
The Industrialized Democracies
The Rise of Segregation
The Rise of Segregation
Slide 1
Slide 1
Guidance Note - BYOD
Guidance Note - BYOD
Configuration Guide How to Configure a BYOD Environment with the DWS-4026
Configuration Guide How to Configure a BYOD Environment with the DWS-4026
Why are secondary schools socially segregated?
Why are secondary schools socially segregated?
PDF
PDF
Slide 1
Slide 1
Judgment - Courts and Tribunals Judiciary
Judgment - Courts and Tribunals Judiciary