There’s a Reason Homes Don’t Have Moats Around Them.
We Have Trust Issues (and that’s ok)
Just as the Trojan Horse invalidated the usefulness of a moat thousands of years ago, its technological equivalents in today’s high-tech world are doing the same to traditional approaches to mobile security like MDM/EMM solutions. Security solutions have certainly advanced over the years, but so has the sophistication of attacks. Mobile devices are particularly susceptible to compromise, and today’s environment of BYOD and personal devices connected to corporate networks creates a wide vulnerability profile and puts sensitive data at risk. That’s not to say that you should crumple up your BYOD plans and toss them in the trash; quite the contrary. There are a number of security strategies to protect organization data on mobile devices, but when it comes to unmanaged / BYOD devices, containerization remains the best option – maybe the only option.
Here’s why:
Assume Hardware is Compromised
Even those who have been vigilant in their security architecture have been surprised to find compromised hardware in their internal networks and even at the ISP level. In today’s world, we can no longer assume that hardware or provider networks are secure. We need a solution that can keep data safe even when devices or networks are compromised. This is where secure containers shine. SyncDog’s approach to encrypted storage on mobile devices protects assets inside the container even if a device is jailbroken or running on infected hardware. With screenshot detection and restrictions on copy and paste outside the container, we can ensure data that should be secure stays secure.
Assume Networks are Compromised
Even if a device is clean and internal networks are secure, there is still the possibility that data will travel over an unsecure environment at the provider level or another external endpoint. Spoofed cellular towers, network switches with hardware that could be easily corrupted, and even hacked DNS routing mean that preventing man-in-the-middle attacks on transported data is essential. Issues with certificate chains of trust and recent problems with compromised TLS (Transport Layer Security) sessions mean that just depending on SSL/TLS is not enough – that “moat” is now easy to cross. Once again, SyncDog’s secure container goes above and beyond by providing end-to-end encryption with device-specific pinned certificates that have no risk of trust chain attacks, AES-256 encryption keys that change with every transaction, and secure device provisioning, all of which allow users to feel confident their data is safe no matter what path it takes in the “wild” and what device is being used to access it.
Usability and Control
One of the most common complaints about security infrastructure is its effect on user experience and flexibility. Two-factor authentication, password requirements, and other restrictions often cause users frustration when accessing and using business applications – and even greater frustration when using the device for more mundane and personal tasks. Aggressive MDM policies that control an entire device make it even more difficult to create a use space that enables access to both personal and business data, adding to users’ reluctance or even resistance to working with administrators. SyncDog’s secure container provides the best of both worlds by enabling a completely isolated segment of the device dedicated to business apps and data, allowing organizations complete control of the container through policy implementation while leaving the user’s device operational for personal use. Containers provide the best balance between usability, management, and security that is necessary for today’s business operations.
A Modern Day Approach
The methods of attack are always challenging the status quo of approaches to security. Making matters worse, security solutions are always burdened by the need to balance protection against productivity. Mobility adds even greater complexity to the equation by combining inherently insecure hardware with ever-growing demands for increased functionality, increased access to data, and an unimpeded user experience. There are plenty of modern-day “moats” in use that do a good job of protecting from common and predictable attacks, but a secure container is the best, if not only, solution that truly isolates and protects organizational data, while at the same time offering a seamless user experience that allows mobile employees to get the job done, no matter what device they are using to do it.