<img src="//pixel.quantserve.com/pixel/p-_JKXxuL8SR7wu.gif?labels=_fp.event.Default" style="display: none;" border="0" height="1" width="1" alt="Quantcast">
blog-banner.jpg

Next-Gen CASB Blog

MDM: The Patriot Act of BYOD Programs

By Annie Wang | June 18, 2015 at 11:19 AM

mdmSeptember 11th, 2001 was a day that would forever change the state of security in the United States. It was obvious that something had to be done to make sure such a brutal attack would never happen again -- and subsequently, after the attack, came The Patriot Act. The act dramatically revised legal constraints with the intent to deter such attacks from ever happening again. In the name of security, the federal government was allowed to tap into citizens phones, gather personal records, search homes and businesses without warrants, etc. 

“But at what expense?” said the skeptics.

 

 

In the last few years, data security has shot up as a priority for organizations of every size and in every vertical. Anthem, Morgan Stanley, Sony, Home Depot, Target… Fortune 500 companies have been getting knocked down one after another. It has been proven that those who are thought to be the most secure also are the ones who have the most to lose. At the hands of cybercriminals, these breaches have exposed enterprises, their employees and their customers time and time again.

How does this relate to BYOD? As of 2014, 26% of data breaches have been the result of lost mobile devices.  As BYOD programs become increasingly popular within organizations, securing mobile data has become a necessity. MDM solutions attempt to enable enterprises to manage employee owned mobile devices and deter breaches. In the name of security (and out of fear of being the next headline on MSNBC), these solutions violate the personal privacy of employees... And it is the employees who are quick to learn how intrusive MDM solutions prove to be. Sounds a lot like the Patriot Act, no?

MDM solutions allow enterprises to do the following:
  • Lock/disable the device
  • Wipe data
  • Control network access
  • Force all traffic through a VPN or proxy for further security inspection
  • Monitor GPS and location information
  • View application inventory and controlled what the employee may install
  • Limit the use of cloud services

It’s no wonder that folks like Gartner are now actively advising enterprises to abandon device-centric security models like MDM and to start exploring data-centric solutions:

New Call-to-action

Sukhmen Nijjar
Marketing Manager | Bitglass