On: 13 Mar 2018

Stephen O’Herlihy, chief technical officer at PFH Technology Group, underscored the message, saying that with mobility comes new security challenges.

“We’re very much delivering solutions for mobile devices. We’ve seen a huge proliferation of devices in recent years. In the good old days, staff had one desktop [computer] and maybe one laptop. It was a lot easier to manage, but now it’s all changed.

“A phone is not a phone; it’s a smart device, AKA a computer,” he said.

While the expectation of a shiny new device in the workplaces comes from consumer life, O’Herlihy said it does not mean that business has to suffer due to the vagaries of ghost of fashion. In other words, IT departments are not left ignorant of devices.

“What we’re trying to do is create a win-win situation. You’ve got to have a level of security and control and governance, while [also] meeting the needs of the end-user. The end-user will say ‘any device, any app, anywhere’. IT is, of course, saying, ‘only one device, only one app and only in certain locations’,” he said.

The key to squaring this circle, he said, was top think beyond devices altogether, and instead think of what is contained on them.

“We went through mobile device management where the device itself was managed, but now people need more. When it comes to Android devices the advice to customers is stick to mainstream devices, the Samsungs of this world, who have the APIs and ability to use AirWatch from VMware. Android has to be encrypted, and the lower-end devices can’t do that.

“The norm is BYOD, but we have a certain amount of caveats around that: we have systems so that the data can’t move from app to app.

“The corporate apps are in a secure bubble, so to speak. They can talk to each other but they can’t speak outside the bubble. This stops data leakage,” he said.

O’Herlihy said that remote wipe, while still available and a useful failsafe, is typically now augmented with more sophisticated forms of data control.

“We still have the capability for remote wipe, but [in general] IT will only have jurisdiction over the parts that they control,” he said.

This is very much in line with thinking more in terms of the data than the device.

“Ultimately, what we say to our customers is you are not delivering a device, you’re delivering data. What sits between the data and the users in terms of security and control should remain the same regardless of what device is being used,” he said.