Preparing for Dual Use (Corporate and Personal) Mobile Devices

A. Braunberg
A. Braunberg

Summary Bullets:

  • No silver bullets for mobile application controls
  • No single metric for success

Galen Gruman had an interesting article in InfoWorld last week, “Virtualization No Silver Bullet for Macs or Mobile” that got me thinking. While the article is actually chiefly about virtualization on non-Windows PCs/laptops it does make some important points about what is needed (and not needed) on mobile devices. To cut to the chase, what is needed is data/application partitioning. That is not news, of course, but the more interesting question that Gruman tackled is whether virtualization is the way to achieve partitioning of personal and corporate data and applications on mobile devices. He sees partitioning as one of the more compelling use cases for virtualization on mobile devices and I agree with that. But it is important to keep in mind that virtualization is just one of numerous techniques that are currently being developed to handle privacy, compliance and security concerns associated with dual-use devices. Continue reading “Preparing for Dual Use (Corporate and Personal) Mobile Devices”

The Race for Mobile Data Security

A. Braunberg
A. Braunberg

Summary Bullets:

  • Regardless of device, data protection is critical.
  • Current product/service choices are diverse to the point of being a bit daunting.

I have blogged a good bit lately about our recent mobility survey data.  One of the takeaways, as I have noted, is that enterprises are resigned to (and perhaps beginning to embrace) the consumerization of IT and the need to provide a degree of choice in mobile device support.  What this tends to mean is that Apple and Android smartphones and tablets are increasingly accessing resources from corporate networks.  However, while enterprise IT/security teams might have lost the battle, they still plan on winning the war; and the war has always really been about data protection. Continue reading “The Race for Mobile Data Security”

Context is King

A. Braunberg
A. Braunberg

Summary Bullets:

  • Security is a data management problem and context is metadata
  • Context drives better policy management and better policies drive better risk management

Context is a word you hear an awful lot these days when talking to security vendors. Everything it seems needs to be put into context, and by that security vendors typically mean that knowing the who, what, when, where and why of network traffic is very useful in determining the “legitimacy” of that traffic. It’s kind of like when firewalls became stateful, the realization that it’s better not to look at each packet in a complete vacuum. Context is the back story, if you will, of each packet traversing a network. Viewed from a data perspective, context is metadata.

Continue reading “Context is King”