Last week, we kicked off our series on enterprise mobility with an overview of the many different types of enterprise mobility clients. Ranging from completely inactive (somewhat of a unicorn these days) to full-scale private app deployment, enterprises these days can and do take many different approaches to enterprise mobility.
Perhaps unsurprisingly, the same is true for mobile security in the enterprise. There are many different ways for a business to approach mobile security, and those approaches should influence that business’ security solution. Of course, it’s just not possible to know what kind of security solution you need without first understanding where you fit within the many different enterprise mobility profiles, and what your outlook on enterprise mobile security is.
To that end, this week, we’re going to continue our series by offering an overview of the different possible outlooks on mobile security in the enterprise. Have a look below:
Platform: MDM is well-known and widely-adopted, and is where most businesses start. Platform trust secures the platform itself, but that’s it. The predominant focus with an MDM solution is securing the device.
Pros: Platform trust is the most prolific and predominant form of trust in the enterprise. There are many solutions for securing devices.
Cons: With platform trust, you’re just managing the device—nothing else. This makes you vulnerable in other areas that different outlooks cover.
Container: Secure containers start to focus on applications, and ultimately where we want to get: the data. A container contains apps that have a known set—email, contacts, and calendar, normally—and secures the data within them.
Pros: Containers are very secure. You know exactly what people are doing with corporate emails and calendars, and can control data leakage.
Cons: Containers are clumsier to use than native apps, and are often limited to ‘functional’ apps like email and calendar. Though they’ve gotten better, containers are still cumbersome to use.
App: When an app doesn’t live inside of a container, it’s on its own and needs to be secured (often via an app wrapper). Now, we’re not managing the device any more—we’re managing the data.
Pros: App trust manages data—not just the device. Native apps drive adoption and offer better immersion, capabilities, and functionality than many other security solutions.
Cons: Cost. Releasing a consumer app on another platform builds incremental revenue. Within the enterprise, that’s not the case; 5,000 employees is 5,000 employees, and getting an app to them on a different platform only makes things more expensive for you.
Cloud: With the cloud, we start to bifurcate where we trust the data. It’s managed on the device when it needs to be, and removed when it doesn’t. Cloud solutions start to move control of the data back onto the server.
Pros: Cloud trust helps address the issue of cost. A cloud-based UI allows you to dramatically lower your cost to develop and deploy.
Cons: You now have to worry about data in a few places: cached, in transit, and on your server. Without proper procedures in place, this can get difficult. What’s more, cloud-based UIs look the same on all your devices, which can alienate users who are used to apps looking and functioning a certain way.
Web: In a web app, data is cached locally when it needs to be, and otherwise, stored on the web. With the web, trust is placed predominantly on the server, although data leakage can happen on the device, as well.
Pros: Web-based deployments simplify your security by limiting the number of places your data is stored.
Cons: Native apps generally offer more immersive, usable user experiences. For some apps (HR- or accounting-based, for example), this doesn’t matter. For others (centered around complex business operations, for example) web-based apps may not be a great fit.
None: If you don’t trust any of the above, you may run a virtual desktop where you have full access. Data is encrypted between the virtual desktop server and the device, and nothing is cached locally.
Pros: Zero data leakage. You’re securing your data, and you know exactly where it is because nothing’s ever cached locally.
Cons: Virtual environments need to be fully connected to the web, and also don’t always carry over well to tablets and phones. If you’re on a device that has enough screen real estate to function like a desktop, however, this can be a great solution.
As with last week’s enterprise mobility client types, these security outlooks aren’t all-or-nothing—it’s possible to take parts of a few different outlooks and then mix and match. That said, evaluating this list and your business’ place on it is key to the ultimate goal of a well-rounded, form-fitting security solution for mobility.
You’ve stuck with us through the first two parts of our series—so why not check back next week? On Friday, we’ll wrap this all up with more information about how you can combine your enterprise mobility profile with your security strategy for a tailored security solution. In the meantime, if you have any questions, don’t hesitate to reach out in the comments or on Twitter.