Enterprise Security in a Mobile World

By on

mobile security x300by Jelani Harper

The objective of a growing number of trends within the data sphere is to empower the business user through what has become known as the consumerization of IT.

Developments in self-service Business Intelligence, Cloud Computing, mobile technologies, and the proliferation of the Bring Your Own Device phenomenon has enabled end users to work from virtually anywhere, continually access sensitive enterprise data, and license a degree of autonomy that was previously forbidden by centralized, slow moving IT departments.

The reality is that the consumerization of IT and the movement towards mobile devices would gain much more traction if there was a way to both preserve that autonomy and limit it, to restrict access to corporate data yet not the use of access devices for personal reasons, to adhere to governance and compliance while circumscribing discovery, and to ensure data loss protection on remote devices in a manner akin to that within the physical confines of the enterprise on what are becoming swiftly disappearing desktops.

Now, such a solution exists. Druva’s inSync suite addresses all of these security concerns and more, and is helping to pave the way for the consumerization of IT, the empowerment of the business user, and a new role for IT departments as consultants to, rather than gatekeepers of, the latest technological advancements. According to Druva’s Vice President of Marketing Ty Lim:

“Breach is actually not a responsibility just for IT now; it’s a responsibility for everybody. It we look at SaaS and how it has disrupted the marketplace and how we go about this, if we want to remove some of the buying power out of IT and into the hands of the business owner, as business unit leaders we also have to be much more open and receptive to the fact that now we also bear the burden of thinking about security.”

Within the Cloud

The solution provided by Druva—like that of so many other recent developments within the data landscape—is facilitated by the Cloud. Whereas initially the Cloud was considered dubious because of issues of security, recent advancements have enabled it to present numerous distinct advantages for data integration and security, including:

  • Integration with legacy systems: The most readily available way to still get value out of legacy systems while updating them to the current climate of mobile technology and access is by implementing a layer of data visualization and accessing them through the Cloud. This method ensures continued usage of traditional data sources and permits users to augment both cloud-based security with that of on-premise legacy systems.
  • Data-centric approach: Security measures implemented via the Cloud are data-centric as opposed to others which may be centered around specific applications devices. With the consumerization of IT, devices and applications are readily changing and easily outmoded within a year or two. Security measures through the Cloud, however, are based on the data itself (regardless of how it is accessed) and have the potential to last much longer.
  • Less Infrastructure, More Security: Similar to the advantages gained by utilizing a content-centered approach through the Cloud instead of an application-centered or device-centered one is the fact that utilizing the Cloud enables a plethora of security measures (encryption, restricted access, BYOD policies) without additional infrastructure and its considerable costs. Competitive cloud-based enterprise security providers such as Druva are technology agnostic.

Most importantly, utilizing the Cloud to secure data reflects the growing trend towards the fast-paced, dynamic, data-driven work environment in which business and end users currently work. Lim considered the fact that:

“The Cloud is now much more prepped to store sensitive data, and solution providers are actually innovating so much with security now that it makes people much more comfortable. The speed at which AWS Amazon cloud is delivered on scale, and at which security solution providers are able to deliver on things like data protection and visualization of enterprise apps has organizations are thinking, ‘how do I not invest in additional infrastructure’, because it’s going to be legacy in a year anyway.”

Governance, Backup and Privacy

Druva’s inSync suite was created to directly address the explosion of data and the growing trend of the enterprise to access and interact with it outside of its physical borders. Its core components include:

  • Backup: inSync’s backup capabilities help prevent data loss by automatically copying data from mobile devices to a centralized server that intuitively understands the flexible workloads of mobile workers and the tenuous nature of internet connections. It provides data continuity and is invaluable as a preemptive step towards data recovery.
  • Remote wipe: This aspect of inSync enables the enterprise to eliminate sensitive corporate data while still retaining personal data and user preferences on a variety of mobile devices. It is a reactive technology that can prove valuable in instances in which devices are lost or stolen, and which protects the enterprise from breaches.
  • Governance: inSync’s governance features help ensures that data on remote devices are compliant and in accordance with principles of governance directed by IT. They enable IT professionals to access a visibility layer in which they can monitor the data on mobile devices to ensure that it adheres to governance objectives by analyzing factors such as where data is created, who’s sharing it and how, and a host of temporal considerations in succinct snapshots that enable an auditing trail to greatly reduce potential litigation and reinforce compliance.

Lim discussed a key point of distinction for inSync, its ability to reinforce governance.

“In today’s world, the requirement to understand what is sitting on those laptops is extremely high now. It’s a necessity. There are not a lot of desktops left in the enterprise. When you get hit with litigation to produce information on a particular topic matter, the majority of that information is actually sitting on laptops. If they’re not in a centralized depository, it’s going to be very hard for you to do that.”

IT Consultants

The ramifications of the evolving work environment which is substantially more dynamic, Cloud-based and conducted in locations outside the office are perhaps most considerable for IT departments. In some ways, the degree of empowerment for the business user afforded by this growing movement produces the opposite effect on IT, especially in light of its previous role as technology guardian.

What is actually happening, however, is that IT’s role is changing to that of an advisor and facilitator for technological concerns. Its involvement is still crucial to the selection of technology purchasing (perhaps most so in BYOD settings), as well as in the actual utilization and application of such technology. But it is no longer the sole entity dictating this process.

As such, there are emerging situations in which IT is no longer diametrically opposed to the needs and perceptions of the business, and instead functions as a consultant for the latter and has even involved itself in facilitating communication between the enterprise and its customers while helping to share responsibility for data on mobile devices. Conversely, the evolution of IT’s role is now such so that issues of governance and security are more equally distributed throughout the enterprise.

Facilitating and Governing Remote Data

End users have long desired greater autonomy and control of technology necessary for business purposes. In granting this desire, organizations also have had to reconcile with issues of accountability, governance, and the personal ramifications of the consumerization of IT to ensure there is still conformity and uniformity among processes and applications. This reality has created a shifting work environment and roles for both IT and end users, as well as the way in which this technology is ultimately accounted for. According to Lim:

“The rise of litigation in the enterprise, and the fact that it requires that IT produce data that’s sitting on all devices (and that includes laptop devices) is a huge emerging problem. There isn’t a solution out there that’s been able to deliver simply the collection of data on these devices into a central place that enables companies to produce that data for litigation purposes. There isn’t a solution out there that’s been able to do that and Druva is now able to do that.”

We use technologies such as cookies to understand how you use our site and to provide a better user experience. This includes personalizing content, using analytics and improving site operations. We may share your information about your use of our site with third parties in accordance with our Privacy Policy. You can change your cookie settings as described here at any time, but parts of our site may not function correctly without them. By continuing to use our site, you agree that we can save cookies on your device, unless you have disabled cookies.
I Accept