Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Beyond prisonware: Smart data access for mobile and PC users alike

Galen Gruman | July 2, 2014
Here's a radical idea: Monitor what users do with corporate data, rather than keep them from using it

mobile devices
Credit: Oleksiy Mark

What good is access to corporate data if you can't actually work on it? That's a question I pose to mobile security vendors several times a month as they pitch the same bad idea over and over again: systems that provide read-only access to corporate data to make sure it's not abused. Never mind the data can't be used, either. Seriously, why bother? Tell them to use their laptop, where they can really go to town.

Oh, wait -- it's not risky to open up access to corporate data for manipulation and sharing on a PC but it is on a tablet or smartphone. Umm, why? In any event, I don't write about those prisonware products, so I was pleasantly surprised to hear about Hitachi Data Systems' approach to the issue of making corporate data available to employees on whatever devices, including PCs, tablets, smartphones.

HDS gets that endpoint devices are endpoint devices, equally at risk, assuming basic precautions are in place. What matters is knowing who accessed what data, whether it ever left your oversight, whether it was changed, whether in full view or outside your visibillity. That information lets companies make reasonable risk assessments and, if needed, informed judgments about culpability. Hallelujah!

The Hitachi Content Platform (HCP) announced this week isn't about mobile data access specifically -- and that's a good thing. Mobile shouldn't be a separate silo, but another channel to your portfolio of endpoints. HCP is an object store that tracks the access to documents from users on the local network, a branch office, via an Internet or cloud connection (that is, via a browser), and via mobile devices. Users see folders or the equivalent of the documents they can work with and can then can view in their OS, browser, or mobile app -- or open them in a compatible app or service.

That last part is what most mobile data security tools won't let users do. Some include an inferior editing tool to try to provide safe access where the user could actually take care of meaningful tasks, but the ones I've tried are pretty weak. HCP assumes if you have permission to open a document, the company trusts you. That's the adult thing to do.

Of course, HCP does track the access and change history of the document. If you open it in an app outside of HCP's visibility (such as in iOS, which doesn't let apps snoop on each other), the system knows the document has left corporate control, and the company can decide if that was OK. If the user sends back a revised version of that document, HCP knows that too, keeping the original as well -- again, the company can determine whether the user's behavior was appropriate.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.