Securing Enterprise Data in a World without Firewalls
Date: Tuesday , October 20, 2015
Earlier this year, MobileIron CTO Suresh Batchu shared his opinion with Silicon India that Business Boundaries are Dead. I\'m going to look at this idea specifically in terms of enterprise content in our era of mobile and cloud technologies.
Your Data could be Anywhere
Enterprises used to know exactly where their data was. In the legacy Windows era, we had the system image and securing corporate data was as simple as building a strong firewall. Companies knew exactly where data was, who was accessing it, and from what device. Now they don\'t.
A company\'s digital boundary is now, well, boundary less. Workers store presentations in Dropbox and customer information in Salesforce, right alongside personal texts from their kids and their favorite mobile game du jour. The personal cloud has become the center of our digital lives. Think about your day-the photos you share, the maps that guide you, the videos you watch, the instant messages you send-they all go through a cloud service. And mobile is, more and more, the core consumption model for the cloud. Your mobile apps are your doorway to and from the cloud. The growing popularity of cloud services makes security more complex than ever. In this new, consumer driven world, it is difficult for IT to track who is accessing which files, when, and from what device. As a result, one of the biggest security threats to enterprise data is employees uploading work documents to their personal cloud storage accounts. Employees want to use Dropbox. The company says \'no\'. Employees do it anyway because it makes them productive. If the company restricts their favorite app, employees find another. Ask a CIO what keeps them up at night and they will say corporate information going into employees\' personal cloud storage accounts.
Going beyond Enterprise Datacenters
The reality is that enterprise information now lives everywhere, whether we like it or not. The datacenter is no longer central. Information lives in:
- Traditional IT infrastructure
- Business cloud services
- Personal cloud services
IT can handle the first two. But that last one is a huge problem in terms of security. As soon as IT restricts one app, another one pops up, like playing a game of Whacka- Mole. This game may be fun at the arcade but it\'s not a
The natural reaction of many IT organizations is to restrict the use of these services. But saying \'no\' is not an option. As Vivek Kundra, the first CIO of the U.S. Federal Government said in 2011 when he visited MobileIron, \"The more I say \'no,\' the less secure my organization becomes.\"
Nearly all Employees are using Consumer Services for Work
Ovum, the global analyst firm, validated this statement last September. Their study found that, of employees using file sync and share tools at work, only 9 percent are satisfied with the commercial offering given to them by their corporate IT department. As a result, 89 percent, or nearly all employees, are using consumer products for storing and sharing work documents.
Why do employees use their own services even when IT provides an option? It comes down to productivity. Employees focus on productivity and they prioritize using the tool they prefer over security-if they even consider security at all. Another factor is that there is no single correct tool for an entire organization to use. Different users have different needs and they will choose the solution that is right for them. Finally, the pace of innovation is so great that employees will frequently want to use new apps. The issue for IT is that if they appear unresponsive, employees will see them as irrelevant and ignore them.
IT needs to be able to support choice while securing corporate data. The goal is to be able to say to employees, \"any app, any repository,\" and be confident that there is a security and policy framework to make it happen. This is where MobileIron comes in.
File-Level Security Last October, we introduced our initiative to secure the personal cloud. Our goal was to provide secure access to both cloud-based and onpremise content repositories through the MobileIron Docs@Work mobile application. Earlier this year, we moved to phase two and launched the MobileIron Content Security Service (CSS) to protect work documents stored in personal cloud services.
The problem with traditional content security solutions is that they functionally link security and storage. This requires the migration of work documents to a new content storage repository in order to enforce security policies. This increases complexity by creating more repositories for the enterprise to manage. Most importantly, this approach does not solve the personal cloud problem because employees- always prioritizing convenience- continue to store their work documents in cloud services that IT cannot secure.
The breakthrough with CSS has been separating the security controls from the data storage repository so that a document can be protected across multiple repositories throughout the lifecycle of a document. By doing this, MobileIron takes security down to the document-level so that the document is secure even if it is stored in a personal cloud repository outside IT\'s control. CSS is the first solution that lets employees \'bring-yourown- storage\' without compromising security. IT can now let employees use Dropbox.
The real potential of mobile computing is to enable people to work the way they want, using the tools that they find most useful. Employees can choose their apps and clouds in the consumer world and they want best-of-breed tools at work too. The challenge for IT is that collaboration tools and data repositories will remain fragmented and the pace of change and innovation in mobile is faster than any other enterprise technology. CIOs want to drive productivity not create a culture of limits and lockdown. That means be able to say yes to the personal cloud.