Security Manager's Journal: Coming through for the business
Our manager finds a way to enable iPhones and Android devices to be used on the corporate network
Computerworld - Sometimes, the security manager doesn't have to be the bad guy.
There are admittedly many occasions when I have to get in the way of a business request, project or software rollout (usually because they started without me), but I try to avoid that scenario. I believe security can help the business be successful. Often, I have to settle for just ushering the technology in a direction that makes sense from a security perspective but doesn't change the overall outcome. But I really try to use security as an enabling tool that helps the business exceed its goals, by opening up technology in a secure way to employees, partners and customers so they can do more than they would have thought possible. When I'm able to do that, it makes me feel good. This month, I'm feeling good.
This time, security is helping the business by enabling a mobile workforce. I've been searching for ways to protect iPhones and Android devices, because I'm starting to see an influx of these popular smartphones. People love these machines, and they want to connect them to the company network. The problem is, these devices are not enterprise-capable, by which I mean they can't be centrally managed, provisioned and wiped without cobbling together a custom approach of some kind using free or commercial software components not provided by the manufacturer. I don't want my company's intellectual property residing on these devices without access control, encryption, passwords and remote-delete capability.
I found a commercial product that does all those things, and more. With this new software, I can segment and compartmentalize our company data on these devices, encrypting and protecting it. Better yet, when I need to delete that data (because an employee leaves the company, for example), I can leave personal data and applications intact. How cool is that?
But here's where the business enabler comes in. Now that I have the capability to fully secure our confidential data, I can fully support (and even encourage) the use of mobile devices in my company. And that includes iPads, a device that I was not even considering but can give our mobile workforce and sales teams far more effectiveness and efficiency than a laptop. Not only that, but I can also sponsor a program to allow employees to start connecting their personal devices to our network, which will save the company millions of dollars a year in data plan costs. Saving a lot of money and improving our workforce effectiveness gives a boost to the reputation of security -- and that provides credit I can spend later when I need to make people unhappy!
More by J.F. Rice
- Security Manager's Journal: Trapped: Building access controls go kablooey
- Security Manager's Journal: We manage our threats, but what about our vendors?
- Security Manager's Journal: With Heartbleed, suddenly the world is paying attention to security
- Security Manager's Journal: A rush to XP's end of life
- Security Manager's Journal: Security flaw shakes faith in Apple mobile devices
- Security Manager's Journal: Cyberattacks just got personal
- Security Manager's Journal: Target breach unleashes fresh scams
- Security Manager's Journal: Giving thanks for SIEM
- Security Manager's Journal: Hashing out secure applications
- Security Manager's Journal: Why the shutdown is like the cloud
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!