Why Containerisation Matters More Than Ever Before

Enterprise mobility has come a long way in the past two decades. When the concept was first coined, it meant giving a select number of staff corporate mobile devices with email access, or possibly going so far as to equip them with a laptop for occasional home or remote usage. Few would have predicted it would ultimately mean staff sat in the office while accessing the corporate network via their personal smartphone, checking their emails while walking from one meeting room to the next, setting up their tablet as a second screen on their desk or uploading documents to their personal cloud to be accessed on their journey home.

The revolution in enterprise mobility has been driven from the ground up, a case of employees taking technology into their own hands to do things more quickly and efficiently while leaving the IT department trailing in their wake. As organizations mobilize, they cannot afford to compromise corporate security: yet mobility is in a constant state of flux, with new innovations in communication, collaboration and productivity-enhancing technology continuing to disrupt and confound conventional security practices.

Consequently, as businesses move up the mobile maturity curve, many are finding traditional mobile device management to be insufficient in providing the controls they now require. This is mainly because while mobile malware remains a big hazard, data leakage and device loss represents an equal security threat.

There’s also the lack of consistency presented by the exponential rise of BYOD. Every device implements security in a different way, while different devices may be running different OS updates, security patches, supplementary always-on apps in the background, and other factors that add to the complexity from an IT management perspective.

It’s no surprise then that businesses are starting to turn away from mobile device management as their only solution and as the central plank of their secure mobility strategy.  Many businesses are now starting to look at containerization and mobile application management (MAM) in addition to a mobile device management solution.

A secure container is an authenticated, encrypted area of a user’s device that can be used to insulate sensitive corporate information away from the personal side of the device, and the technology is increasingly being turned to as the optimal solution to help IT managers separate work from play, delivering flexibility and security for both the employee and the organization. 

Offering a complete set of customizable policies and profiles, containerization can help ensure the right policies are applied to the right employees and the right devices. For example, a recent study showed that more than half of firms believe employee error to be the most salient threat to sensitive data, with growing incidences cited of employees using of personal file-sharing apps in the workplace, sending unencrypted emails and forwarding documents to unauthorized parties.

One of the barriers to containerization uptake is that containerization solutions previously focused on ring-fencing applications through less-than-secure device-level controls. The security scope of these solutions has also been narrow; focused on protecting app data or content such as corporate documents without looking at the bigger picture – for example, securing the interactions between different apps.

Yet times are changing and some new containerization tools offer the ability to encrypt not only the applications, but also inter-app communication, configuration details and user credentials, and of course the data itself, irrespective of the device being used – meaning that even if a criminal cracks a stolen device, they still can’t gain access to their prize.

Containerization creates a win-win situation for both employer and employee. For the business, CIOs can set granular security policies at the application level, such as strong password requirements and control of data sharing to determine what employees can and cannot access. For the employee, it means they can continue to benefit from the growing opportunities presented by advanced mobility technology, safe in the knowledge that their device has clean separation between personal and business data, while of course keeping their own personal content private.
 

As enhanced General Data Protection Regulations (GDPR) – set to be implemented in the UK from 2018 onwards – force organizations to re-evaluate their approach to data security, protecting both the employer and employee through containerization is also an effective step towards GDPR readiness.

Ultimately, the move towards more stringent compliance and security measures is unlikely to be reversed given the growth in connected devices in the enterprise and the resultant increase in endpoints. Businesses have long struggled to keep up with the pace of change within enterprise mobility, leaving corporate data at risk, hence the pressing need for a mindset shift away from securing networks of computers to securing networks of endpoints.

Businesses must be able to confidentially and reliably transmit sensitive data between endpoints to keep people, information and goods safe, and with enterprise tech innovation showing no sign of slowing down, solutions such as containerization are needed to provide a more adaptive, flexible and future-proof approach to securing the corporate network.

What’s Hot on Infosecurity Magazine?