Taking Your BYOD on Easter Vacation – Securely
April 6, 2012 Leave a comment
- With the holidays, we take corporate data on our mobile devices to exotic locations.
- We are not always the best people to ensure the safety of that data.
As we all get into the Easter vacation spirit and pack our bags for holiday destinations, the mobile device and the tablet are right there with us. However, not everyone heading to a sunny destination has the same state-of-the-art mobile gadgets as the average American or European traveller has these days, and a lot of devices with corporate data on board are about to change hands, albeit illicitly. So, what should a mobile device ‘sun screen option’ provide us holiday-makers with to protect our data, and who should be managing the device from a corporate perspective?
As we begin to mix business and pleasure on our mobile devices, ownership and management may have to be shared differently, letting corporate IT take care of and manage our devices – at least to meet corporate GRC (governance, risk and compliance) requirements – typically with the ability to track how many mobile devices a staffer uses on the job and to protect that user’s data on those devices. The specs of a BYOD protection scheme must encompass Android and iOS tablets as well as smartphones supported across a single user profile. Contents must be backed up to a corporate data centre or to the cloud. Data encryption, geo-location, WAN optimization, data analytics and search options should be available as well.
As users, we want to be able to see and access the content on our devices using a Web interface, and corporate IT would like to have restore options (akin to Apple’s Time Machine functionality), not only to restore data from an earlier clean data set, but also for DLP (data loss prevention) purposes with the ability to wipe data selectively on stolen or lost laptops.
All in all, this is probably more than we as users are able to do (and more than our families may like), so device management must be provided by the professionals in corporate IT. Still, will we relinquish or at least share control of our devices with them? What does the corporate policy look like that covers BYOD users sufficiently?