Secure business transformation

Davey Winder investigates how to best protect enterprise networks and data while embracing BYOD, cloud and virtualisation.

The majority of business leaders in the UK believe that they relinquish responsibility for data security when it is stored in the cloud.

You'll also need to keep reviewing information security at each and every step of the transformation "to ensure that the information and security triad of Confidentiality, Integrity and Availability (CIA) is maintained," McNeil adds. CIA can be defined as:

  • C: Protecting information from disclosure to unauthorised parties;
  • I: Protecting information from modification by unauthorised users;
  • A: Ensuring the information is available to authorised users.

Getting specifically secure

The generalisations are now out of the way. But what about best practice as it applies to securing the specific business transformational technologies of BYOD, cloud and virtualisation?

BYOD

Once an employee connects their mobile devices to the office Wi-Fi, you are facing a mobile file management situation. Often organisations will take this a step further and allow them to connect to the corporate email. However, by doing this, you then become responsible for the management of the information and content that enters and leaves your company network from their device.

"There are problems when people start bringing in different devices with different security levels and features," warns Alan Laing, vice president of Acronis in Europe, the Middle East and Africa (EMEA). "For instance, some older Android devices run operating systems that are not very secure, so you can have people sharing files over the company network and sending emails to themselves. Then the device will get forgotten on the bus ride or on an airplane and you have a serious data breach."

Newer devices like iPhones or iPads do have restrictions that can be applied, such as not allowing the use of Safari, email or locking the camera. Companies are able to do this if they add a small file to the device. However, the employee has to willingly provide the device for this. "For other devices, companies can provide mobile file management solutions which enable businesses to apply their own rules," Laing adds.

"You have a remote control, which allows you to see who has an iPad or an iPhone or who has six tablets and two smartphones and so on and then you can distribute those rules to those devices."

 One of the most basic restrictions an administrator can enforce is access to the server on an iPhone. You can enforce a pass code to come up as soon as someone tries to connect a smartphone or tablet. "There are also apps that manage access to corporation information on devices," Laing says.

He continues: "They can be downloaded from Apple's App Store or the Android Market (Google Play) and give employees access to the enterprise network. They start accessing share points and network resources on mobile devices within the restrictions of the application. This means that devices aren't locked, but a company is able to ensure that its employees have something efficient and that is easy to use and gives them quick and easy access. This solution stops staff being able to send themselves emails or add corporate content to Dropbox or Skydrive."

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021