A couple of years ago companies were dismissive of BYOD, but as they've realized that the horse left the stable, they are adopting policies and next generation technologies to help manage BYOD. They also recognize that successful mobile security requires a cooperative partnership with employees, so are working with them to determine what policy works best for both parties, allowing BYOD to become part of the enterprise mobile security framework.
As mobile security matures, some of the burden on IT has been alleviated. Thanks to next generation technologies, there are several things enterprises no longer need to do in order to keep mobile data secure. Here are five:
* Invest developer and IT time wrapping apps — Mobile security in the enterprise used to be synonymous with containerization. Traditional solutions included containers and app wrapping, which relied on software development kits (SDK) to modify and secure applications. These approaches required business development relationships to get access to the mobile application source code and forced developers and IT to invest time to use the SDK to secure the application initially, as well as every time the application was upgraded.
Needless to say, these were time-consuming cycles. However, next generation mobile security offers the ability to secure applications on-demand at the employee's request without the intervention of IT. Next generation mobile security vendors are offering on-the-fly app wrapping that doesn't modify the original app code, as well as the ability to attach dynamic app policies that give security professionals the controls they need. Now IT can confidently allow functional departments and employees to serve themselves, giving them immediate access to the applications they prefer, enabling productivity. Before, IT was a bottleneck having to constantly approve, wrap and maintain application security. Now, IT can allow the employees to use the apps they want, without sacrificing security.
* Use containerized apps and app ecosystems — The removal of reliance on SDKs for securing apps has eliminated the need to create app ecosystems. Today, enterprises can simply utilize any application available in app stores for iOS and Android as well as internally developed applications. Businesses are no longer constrained to a handful of applications, which have agreed to work with particular mobile security vendors. Now they can move at the "speed of business" and access the millions of mobile apps available today, while preserving the native user experience of the app, staying up-to-date with new versions, and having instant access to emerging applications.
* Require MDM — MDM doesn't apply in a BYOD world. Employees resist having an application installed on their personal devices that monitors personal as well as work related activity. Additionally, contractors and external vendors won't accept device profiles as they may be working for several different clients and can't share that information. However, by changing the focus from securing devices to securing the data, you eliminate the need to manage devices. Not only can personal and work related activities be cleanly separated, but greater visibility, security and control at the document level is now possible, all without managing the device.
Sign up for CIO Asia eNewsletters.