The question of whether to implement a BYOD (bring your own device) program boils down to risk vs. reward. Businesses stand to gain increased innovation, flexibility, and productivity — but their data can also become vulnerable. The risks, especially with the changing security and device landscape in 2014, merit serious consideration. One of the most common efforts to manage those risks is containerization — the practice of separating personal and professional data on a device and creating an encrypted data store in an effort to improve security. Here are five things to discuss with your clients considering containerization as a part of security efforts related to BYOD.
1. Containerization is not a cure-all
Container technology still falls short on detecting jail-breaking in personal devices (which, in the case of Apple devices, strips them of their security model.) Containerization is also no protection for rooted devices.
2. Time to implement
If your client decides containerization will work for them, it will probably take a process — not just a purchase — to implement it. To use Citrix as an example, if you decide to use their XenMobile containerization software, apps have to be developed using the Citrix API and SDK — or you can enlist the assistance of an app developer through Citrix’s Worx-enabled program.
3. Choice of solutions
A common option for containerization is application wrapping — which essentially “wraps” an app making a secure container. Another approach is using a “dual persona” employing VDI (virtual desktop infrastructure). Or you could use an encrypted “folder” in which protected data is stored.
4. Device Management
Once an approach to containerization and a vendor are selected, organizations must then focus on controlling data leaks. This means they have to be able to manage the exchange of data between the container and the rest of the device — which equates to managing everything from the access of unauthorized apps to printing options.
5. User Experience
Even once a workable solution is found, it is essential that your clients and their employees have a positive user experience — to keep them from resorting to work arounds. Multiple logins or difficulty navigating functionality will be definite deterrents to proper use of containerized services.
Containerization, although not a new concept, is a part of the discussion revolving around security for the growing Internet of Things. VARs are presented with not only unique opportunities to aid their clients in device selection, but to also establish themselves as trusted advisors as their clients navigate the complex environment of security and BYOD.