That confidential document may be perfectly secure from intrusion efforts while sitting on a corporate server. But it only takes one employee copying the file to a personal cloud storage provider to completely undermine every security measure an enterprise puts in place. IT departments can warn about the dangers of cloud storage until they are blue in the face, but employees continue to migrate sensitive data to their own personal cloud storage accounts to help them work from home or while they are on the move.
But what if security were implemented at the document level, rather than at the storage level? That is the thinking behind MobileIron's announcement of its new Content Security Service (CSS), which aims to help enterprises secure corporate data, even when files are sitting on an employee's personal cloud.
The Personal Cloud Threat
The personal cloud is the most persistent data loss threat to the enterprise today because employees often use their own cloud services to store work documents. According to MobileIron, CSS is the first solution to address this prevalent example of "Shadow IT" by providing both the document-level security and integration into an enterprise mobility management (EMM) platform necessary to protect enterprise content across personal cloud services like iCloud or Dropbox.
"Employees often bypass restrictive IT policies to use their preferred consumer apps for work, unintentionally putting corporate data at risk," said Chris Hazelton, research director for enterprise mobility at 451 Research. Hazelton said that 39 percent of U.S. workers use consumer apps for work-related business because they use them in their personal life.
"IT needs to secure data regardless of where it is stored and used," he said. "Moving security from the device to the document level allows IT to reduce the risk of data loss even in the personal cloud."
The challenge with traditional content security solutions has been that security is normally implemented as part of the storage solution. This requires the migration of work documents to a new content storage repository in order to enforce security policies, which increases complexity by creating more repositories for the enterprise to manage.
Security Separated from Storage
CSS is the first service that separates security controls from data storage methods, allowing access to documents to be managed across the various sites where they may be stored, according to MobileIron. Documents do not have to be migrated to a new repository and are secure even when stored in a personal cloud service.
"Mobile-first CIOs realize that many employees store work documents in the personal cloud and that saying 'no' doesn't change their behavior," said Ojas Rege, vice president for strategy at MobileIron. "Our mission at MobileIron has always been to allow employee choice without compromising enterprise security. The MobileIron Content Security Service transforms the personal cloud from an IT nightmare to a powerful tool for employee productivity."
Posted: 2015-02-11 @ 6:07am PT
Multiple EMM companies have had this capability for awhile now - AirWatch and Citrix are the ones off the top of my head. Nothing revolutionary here.