Security Manager's Journal: Coming through for the business

Our manager finds a way to enable iPhones and Android devices to be used on the corporate network

Sometimes, the security manager doesn't have to be the bad guy.

There are admittedly many occasions when I have to get in the way of a business request, project or software rollout (usually because they started without me), but I try to avoid that scenario. I believe security can help the business be successful. Often, I have to settle for just ushering the technology in a direction that makes sense from a security perspective but doesn't change the overall outcome. But I really try to use security as an enabling tool that helps the business exceed its goals, by opening up technology in a secure way to employees, partners and customers so they can do more than they would have thought possible. When I'm able to do that, it makes me feel good. This month, I'm feeling good.

This time, security is helping the business by enabling a mobile workforce. I've been searching for ways to protect iPhones and Android devices, because I'm starting to see an influx of these popular smartphones. People love these machines, and they want to connect them to the company network. The problem is, these devices are not enterprise-capable, by which I mean they can't be centrally managed, provisioned and wiped without cobbling together a custom approach of some kind using free or commercial software components not provided by the manufacturer. I don't want my company's intellectual property residing on these devices without access control, encryption, passwords and remote-delete capability.

I found a commercial product that does all those things, and more. With this new software, I can segment and compartmentalize our company data on these devices, encrypting and protecting it. Better yet, when I need to delete that data (because an employee leaves the company, for example), I can leave personal data and applications intact. How cool is that?

But here's where the business enabler comes in. Now that I have the capability to fully secure our confidential data, I can fully support (and even encourage) the use of mobile devices in my company. And that includes iPads, a device that I was not even considering but can give our mobile workforce and sales teams far more effectiveness and efficiency than a laptop. Not only that, but I can also sponsor a program to allow employees to start connecting their personal devices to our network, which will save the company millions of dollars a year in data plan costs. Saving a lot of money and improving our workforce effectiveness gives a boost to the reputation of security -- and that provides credit I can spend later when I need to make people unhappy!

I'm not here to advocate products, so I won't mention the name of the product that has given me all these benefits. Many readers have e-mailed me asking me to provide details about various security products I've implemented at my company, but I don't want to do that. My advice is to do your research to find out what's available (getting a trusted, impartial reseller can help with this), and make your own scorecard to decide which product is best for you.

I'm glad I'm able to end the year on a positive note. Here's wishing you the very best for 2011.

This week's journal is written by a real security manager, "J.F. Rice," whose name and employer have been disguised for obvious reasons. Contact him at jf.rice@engineer.com.

Join in

To join in the discussions about security, go to blogs.computerworld.com/security.

Join the discussion
Be the first to comment on this article. Our Commenting Policies