Editor’s Note: Welcome to our weekly Reality Check column. We’ve gathered a group of visionaries and veterans in the mobile industry to give their insights into the marketplace.
For CIOs and IT managers, bring-your-own-device often seems short for “bring your own dilemma.” On the one hand, enterprises don’t want employee-provided devices undermining security, including providing new back doors to the company network. On the other, heavy-handed policies and tools undermine the user experience to the point that employees try to get around those safeguards, creating even more security risks.
BYOD is the latest security challenge that enterprises, government agencies and other organizations face as more and more of their workforce goes mobile. In fact, Ericsson predicts that by 2016, 70% of cloud access will be over cellular. That trend means at many organizations, many or most employees will spend their workday using a tablet or smartphone.
In many respects, mobile operators are in the same boat as enterprises. For example, both need to identify and stop malware before it starts to spread. There are bottom-line costs when malware isn’t nipped in the bud, including overloaded help desks and contact centers fielding calls about devices that suddenly don’t work right. Malware also produces unwanted traffic, so it clogs up the operator’s network, and it eats up the enterprise’s data bucket.
There’s no shortage of mobile device management, mobile application management and other tools for maximizing security, but they each have their drawbacks. For example, traditional security mechanisms such as IPSec and SSL VPN are processor-intensive, creating a drag on performance that undermines the user experience on even high-end smartphones and tablets. IPSec and SSL VPN also are chatty, which consumes network capacity and saps battery life.
Those drawbacks are one reason why the network itself should help ensure security. Infrastructure will always have more processing power, memory and energy at its disposal, so it should handle the heavy lifting. The network also is in the ideal position to identify emerging threats before they spread to more devices and the problem gets out of hand. The network’s central location also makes it easier for the enterprise or mobile operator to push out security updates instead of waiting for users to download them.
That’s not to say that device-side clients can’t play an important role, too. For example, that software can provide valuable information to help the network identify problems. It also provides an additional, local layer of protection.
In some ways, having both network-level security and device-side clients can bring the best of both worlds. For example, physicians, nurses and home health aides frequently use smartphones, tablets and other devices across a variety of networks – Wi-Fi, mobile wireless or hardwired – making it essential to have policies set in place both via the network and on the device side. Managing security at the network level with policy controls can help these professionals secure the gigabytes of confidential patient data that are transferred daily across a variety of devices.
Compression enables mobile-friendly encryption
Encryption is another highly effective way to ensure security in a BYOD environment, as well as when the enterprise provides employees with smartphones or tablets. Encryption helps ensure that confidential information stays confidential when it’s en route and on the device.
AES-128 and IPSec are the two major encryption standards in use today. The catch is that they were both created when PCs and wired networks were the norm in enterprise communications. As a result, they have a couple of drawbacks when they’re used on mobile devices and wireless networks. For example, they don’t use battery power and spectrum resources as efficiently as they could if they had been designed for today’s mobile workforces.
Using compression in combination with either AES-128 or IPSec, so that data is compressed and encrypted in a single pass, can deliver data up to 10 times faster. This also provides another layer of security when used in conjunction with a cache mechanism.
That has several benefits. Each download or upload requires fewer battery and spectrum resources. And because the employer-authorized communications mode provides a super-fast connection, employees are unlikely to look for less secure alternatives, such as a random Wi-Fi signal that might be there only to harvest passwords and other confidential information. Lastly, the added security layer provides increased protection for the employer.
For CIOs and IT managers, BYOD is both a challenge and an opportunity. By selecting the right security and encryption solutions, enterprises can mitigate BYOD’s risks and reap benefits such as increased productivity and responsiveness.
Vaughan Emery is the founder and CEO. He works closely with technology partners to deliver the company’s mobile solutions to its customers. Throughout his career, Emery has developed key business relationships with mobile operators, phone manufacturers and technology partners within the United States, Asia and Europe. Previously, he founded a mobile security technology company, which developed an advanced malware security solution for mobile phones and embedded devices. He has over 20 years of leadership experience in commercial product development, technology services and business development.