This article can also be found in the Premium Editorial Download "Information Security magazine: Insider edition: Layering mobile security for greater control."
Download it now to read this article plus other related content.
The onslaught of mobile technology enabling anyone access to corporate data anytime, anywhere is forcing many IT administrators and CIOs to renew their quest for the Holy Grail of mobile data security. A careful approach to application virtualization can aid in that pursuit.
There is no single solution for companies to keep their data safe. Each deployment is different, whether it's in healthcare, education or another industry, but basic mobile data security concerns transcend all environments.
"This keeps me up the most at night," said Linda Hartford, CIO at Northeast Wisconsin Technical College in Green Bay, Wis. "We all have firewalls and data protection and double authentication on certain systems where we need it. I think it's a constant [process] to keep up with the knowledge of what's changing in the environment and how people are getting past the [security]."
End users and IT professionals have a wealth of choices in this era of bring your own device (BYOD), bring your own application and now bring your own everything. In every organization, administrators need to secure not only devices, but also the network traffic and where data and apps reside in the data center.
Application virtualization provides a model and advantages for delivering a level of mobile data security to mobile end users. A host of vendors such as VMware, Novell, F5 Networks and IBM offer packages and services to help IT administrators virtualize corporate apps.
When the data is centralized, there is less opportunity for data to get lost, especially when data management complies with multiple layers of security, said David Glenn, executive vice president at IT consulting firm Creative Breakthroughs Inc. in Troy, Mich. Application virtualization provides a way to isolate the apps or operating system and "containerize" the computing process, he said.
IT admins can then create mobile data security policies that enable them to manage devices so that if they are compromised, the entire system will not have to be wiped, Glenn explained.
App virtualization can be an ideal situation for many enterprises, but it requires work to add a layer in the environment to maintain separation for mobile devices, especially in BYOD scenarios.
A secure and encrypted container on the mobile device enables end users to access corporate applications, and IT can control which apps people use, said Erik Frieberg, vice president of product marketing for end-user computing at VMware Inc. in Palo Alto, Calif.
"Virtualization on a mobile device is not about saving money; it's about security" said Bret Hartman, chief technology officer of the Security Technology Group at Cisco in San Jose, Calif. He noted that if more security was embedded in the operating system and hardware layer, it would help prevent potential leaks.
But the tradeoff for more mobile data security could be more frustration for end users if they suffer from network latency or connection problems. For example, if end users require high-bandwidth applications such as streaming videos to mobile devices, there is the risk of decreased performance. Network optimization products from vendors such as Hewlett-Packard and F5 can help improve the performance for such high-bandwidth applications.
This was first published in November 2013