The Race for Mobile Data Security
December 8, 2011 Leave a comment
- Regardless of device, data protection is critical.
- Current product/service choices are diverse to the point of being a bit daunting.
I have blogged a good bit lately about our recent mobility survey data. One of the takeaways, as I have noted, is that enterprises are resigned to (and perhaps beginning to embrace) the consumerization of IT and the need to provide a degree of choice in mobile device support. What this tends to mean is that Apple and Android smartphones and tablets are increasingly accessing resources from corporate networks. However, while enterprise IT/security teams might have lost the battle, they still plan on winning the war; and the war has always really been about data protection.
This fact is not lost on mobile device management, mobile application management, mobile security, and other vendors in the mobile space working to address data protection requirements on mobile devices for enterprise customers. The depth of interest and the breadth of approaches currently available in the market to address data protection/control/segmentation are amazing.
These approaches include: hardening operating systems (the most prominent example being 3LM, which is likely soon to be a part of Google through the Motorola acquisition); application containerization/sandboxing technologies being developed by Enterproid, Fiberlink, Fixmo, Good Technology, MobileIron, Mocana, and Nukona, among others; client virtualization products (which provide complete partitioning of enterprise and personal data) from established players (e.g., Citrix and VMware) as well as smaller players (e.g., Red Bend and Open Kernel Labs); and data loss prevention technology being ported over to mobile devices (e.g., RSA, Symantec, WebSense, and Zenprise).
This breadth of technology approaches provides customers with a lot of choice, but suggests an immature market that has a long way to go before settling out. In addition to the obvious question of how well these products/approaches can protect enterprise data, it will also be important to gauge the degree of cooperation required from application developers (e.g., what level of additional scripting will be required from application developers to use these solutions) to deploy them and the impact that exerts on the end user experience. The conversation is moving beyond simple mobile device controls to more fine-grained requirements for control and protection of data across a wide range of enterprise applications.