Why securing at the app layer is the future of enterprise data on a mobile device
I think it is prevalent enough at this point to say that “Consumerization” will be here for some time, and how the Enterprise can adapt is a constantly raised topic. One thing that I do see as moving to the front of this race, is the sandbox approach as stated previously on this site. But what I didn’t raise was how that was handled to not interfere with the user. Security is at the utmost of many larger corporations and their content must be protected - 2 quick ways about this is to secure the whole device, or secure the corporate data itself:
In the first model, companies like BlackBerry offer end to end encryption with a password upon the opening of the device, to do most anything except make and take a call. In the secondary model, the Enterprise does not impose it’s security policies until the user requires access to company information. To quickly SMS, take a picture, tweet, etc, the company is not in the way of that from happening.
Granted, it is easy to say for a company that will be offering Corporate Liable devices, that BlackBerry is a natural solution. But when a company looks to expand into the devices that their employees are already carrying, to reduce costs of not only the carrier monthlies, but device purchase and billing/contract management, it becomes imperative that the security policies do not impact the end users experience - it is after all, their device and money that you’re messing with. For this reason, companies like BlackBerry and Microsoft really need a wake up call if they think at their current, lock on opening model will be successful in the next BYOT (Bring Your Own Technology) shift.
