BYOD: "Work is what you do, not where you go"

This article was originally published on Technology.Info.
As part of our continuing strategy for growth, ITProPortal has joined forces with Technology.Info to help us bring you the very best coverage we possibly can.

We spoke to Barbara Nelson,vice president and general manager of

Imation

, which is responsible for the award-winning IronKey line of encrypted flash drives. She told us about the emerging threats brought to the fore by bring your own device (BYOD) policies, and what your company can do to protect itself.

Security has never been more important, with more and more work being done outside of the enterprise. In your role at Imation, what do you see as the future of mobile security?

The future of mobile security lies in the understanding that work is what you do, not where you go. In an ideal world, corporate data would never leave the office but there are all manner of sanctioned and unsanctioned reasons why employees need to access data and systems away from the office. They're working from customer sites, visiting suppliers, or simply adding the final polish to a presentation at home for tomorrow's 9:00 am meeting.

If you accept that work is activity and not location, the conversation shifts from discussion of mobile devices to how can we balance employees' desire for flexibility with IT managers' need to be able to track who's accessing data and systems, how, when and where. When we take this approach to BYOD and remote working, we're more likely to consider the security and management precautions needed to give everyone peace of mind when company data goes mobile.

The nature of BYOD encourages productivity and ease of use. How does Windows To Go achieve this?

The Windows To Go proposition is simple: Make any PC your work PC. You can take the IT provisioned Windows environment you use at work, and run it on your computer at home, on the road, or in a remote office from the secure USB workspace – completely separate from the host computer.

For an organization that wants to encourage BYOD with PCs, this is an incredible opportunity. Instead of outfitting telecommuters or contractors with a secure corporate laptop, IT can hand them a USB Windows To Go workspace – at about 1/5 to 1/10 the cost – and let them use their own devices.

Employees can be more productive with Windows To Go because they get a secure desktop environment has the same operating system and applications they use on their office machine, which means that they can be productive no matter where they are. Plus, they can use the computer they want to use, not the company issued device.

One of the biggest issues with BYOD is security. With the IronKey Windows to Go solution, IT managers can take comfort that the USB isolates corporate data from the host machine's hard disk but still gives access to hardware and peripherals like webcams and microphones that are essential for employee productivity. The IronKey solution takes this a step further by offering centralized device management for Windows To Go drives. This allows an organization to choose a hardware encrypted Windows To Go device that is IT managed, IT provisioned and IT secured. The organization can keep track of when and where devices are being used and, if lost or stolen, can remotely wipe the USB to avoid a data breach.

Is mobile working a threat on the traditional office space? What implications will this have to IT systems?

Remote working is today's reality -- an opportunity not a threat. Traditional office space will be around for a long time – the right office space fosters work, creativity and collaboration. And mobile working is here to stay because both employees and organizations appreciate the productivity and morale advantages of flexible working arrangements and working efficiently on the road.

Security makes mobile working feasible. The old approach of locking down corporate systems meant that workers were often trying to circumvent systems and processes to remain productive. They loaded personal USB sticks that weren't encrypted or traceable with corporate data, and sent sensitive documents to personal email addresses so that they could work from personal devices.

Employees will only use secure solutions provided by IT teams if they fit into the way they work and deliver comparable performance to their desktop at the office. The solution lies in a combination between policies and technology that will protect data and networks by tracking and controlling the devices, and manage maintenance.

We're constantly hearing about high profile data breaches, what can companies do to safeguard themselves against costly data leaks?

First, encrypt data using hardware encryption. Why hardware and not software? Software encryption is like having a deadbolt on your front door, but glass panes on either side. Anyone with a large enough rock can break the glass and open the deadbolt. Hardware encryption is a deadbolt with a metal door and metal panes. No one can break through. All IronKey product categories, whether storage or Windows To Go workspace, offer hardware encrypted options.

Data breaches from all sectors have become a regular trend in news coverage and it's clear that we must have systems in place to protect ourselves and the public – from this plague. Implementing internal policies and systems, such as hardware encryption and strategies to help prevent data breaches is vital, particularly given that studies show that the human factor is also a critical issue in data breaches. Staff training is really important so that employees are fully aware of how they can and should protect data. Marrying awareness with flexible but manageable systems is the best way to protect against data breaches.

Do organisations need to rethink their attitude to BYOD? Are we being too trusting with company data?

Imation did a survey of IT decision makers in the UK that found that their confidence in data security drops dramatically when employees work from home or go on the road. As long as organizations are staffed by human beings, there will be data breaches. The question is what we're doing about it. The technology is there today to improve data protection in BYOD situations.

Employees can carry files between computers in rugged portable devices with hardware encryption, strong authentication and management. We're seeing incredible interest in Microsoft's Windows To Go as a way to turn any BYOD PC into a hardened, IT provisioned, IT managed system, with encryption and management to ensure in-office levels of data security – or better.

Windows To Go is a great way to address the balance between employees' desire for flexibility and IT departments' need for security and oversight.

Image: Flickr (ul_Marga)

Topics