SAN DIEGO, Calif. — Fear and loathing in the workplace. It’s the gigantic problem brought on by the bring-your-own-device (BYOD) movement as management pushes to lock down company data and workers clamor for personal freedom.
Unfortunately, the answer is by no means a simple solution, Symantec CTO Stephen Trilling said onstage today at the MobileCON conference.
Symantec, a 30-year-old anti-virus and security company, is playing to the fears of enterprises everywhere and using the conference to peddle a new arsenal of enterprise-friendly security products, including management and security tools to help app-makers make their applications more secure.
But the company’s take on BYOD safety is admittedly incomplete, as the perfect system that will meet user and employer needs is one that calls on all mobile players to take part, from handset vendors to the carriers, according to the vision Trilling outlined.
“Users and corporations have different needs,” Trilling said.
Workers, he said, want the freedom to download apps, visit websites, use public WiFi, and access personal and work information wherever they are. Corporations, meanwhile, want to encrypt data so that it can’t be transmitted, and they need to know when devices are compromised. “Companies, ultimately and understandably, want to control access to all sensitive data,” he said.
Trilling concludes that a single solution must be flexible, impermeable, granular, manageable, resilient, and seamless.
In Trilling’s visionary BYOD world, the model system consists of four parts: industry standards, platform, containerization, and management.
More specifically, a single set of industry security standards serves as the base of the system. The platform tier assures, at the hardware level, that data is siloed, encrypted, and protected. Here corporation applications and associated data are isolated, protected from all the other applications on the device, he said.
Containerization, or the process of putting a secure bubble around an otherwise insecure app, gives enterprises the ability to control and contain application data. A worker, for instance, can only copy information between containerized applications owned by the same company and would only need to use passwords to access company services. With containerization, enterprises can look through enterprise data without scanning an employee’s personal data, and they can selectively wipe enterprise applications.
In the management tier, Trilling envisions a way for companies to manage these containers and set different authentication requirements for each application.
“No one company can do it,” he said of the Symantec vision.
The vision, dreamy though it may be, is integral to Symantec’s bottom line. The company made a majority of its fiscal year 2012 revenue, or $4.63 billion, from enterprise services.