Enterprise Services Blog
Get the latest thought leadership and information about the role of Enterprise Services in an increasingly interconnected world at HP Communities.

Are new management strategies the ticket for securing mobile devices?

9504_Innovation-Banner_940x240.jpg

 

By Ed Reynolds, HP Fellow, and Neil Passingham, Innovations Lead, HP Enterprise Security Services 

 

An enterprise is only as secure as its ability to manage devices and data. Yet it now appears that the secret to success is letting go of the notion to control the devices, and instead concentrate on finding new ways to manage the sensitive information that those devices can access.

 

The question is no longer whether or not BYOD should be allowed in the enterprise, but how to make the most of the proliferation of devices. Each individual brings certain expectations about the experience they have with their device, and that experience should not be limited by the IT department without reason. When we look at how to manage the applications and data that employees access with those devices, we can begin a new, more relevant dialogue about enterprise security.

 

Creating guidelines

Security.jpgOne of the most difficult aspects of data management is keeping track of information left on a device that is no longer being used. Too often, there is no system for deleting information, so when someone upgrades to a new device, that original device – which is still active – becomes a liability in the event it is lost, stolen, or inadvertently discarded.

 

Circumventing this problem is going to require that enterprises begin establishing guidelines for removing stale devices. Obviously, this is a huge undertaking, but it is required to ensure secure operations.

 

Hand in hand with this strategy should be the process of periodically re-evaluating credentials for each device. This requires extra work both from IT and device users, but it is a requirement to safeguarding the enterprise as this access control is arguably the most significant defense against intrusion.

 

Split personalities in the enterprise

As the lines between work and life blur, and devices become the bridge that connects the two, a new need for separation and containment of information is more urgent. Emerging technologies allow for virtual “containers” to separate the corporate information from personal information, and it will be imperative that enterprises adopt this separation and containment approach.

 

This gives each device a “split personality” of sorts, allowing for the enterprise to lock down and encrypt information that employees can access and be productive with – while at the same time not compromising their ability to use that same device to access their music, games, or personal information.

 

Creating a successful data-device-application strategy depends upon each organization’s ability to set the right priorities for what their enterprise needs, and then build in security features accordingly. There will never be a one-size-fits-all answer to this question, and each enterprise needs to determine such things as:

  • How information will be classified
  • How employees will be granted access to that information
  • How devices will be managed – and over what time period they will be used

Today there are many considerations for devising a strategy, and there are no easy answers. But developing guidelines now is crucial and is the only way to protect the enterprise of the future.

 

Learn more about topics important to enterprise security and productivity. View the recent webcast, The New Style of IT: Four ways to thriveand join the discussion at HP Innovation INSIGHT LinkedIn group.

 

About the authors 

 

Reynolds.pngEd Reynolds is an HP Fellow and a chief technologist for HP Enterprise Security Services. Ed’s focus is on security strategy and innovation. He leads initiatives addressing enterprise cloud security and information-centric security.

 

 

 

 

 

 

NeilPassingham.pngNeil Passingham is Enterprise Security Services’ lead for innovation and a cloud security specialist. He pioneers consultancy-based services around enterprise-wide security including cloud and mobility, and  contributes to security research.

 

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation