Ericsson Says Enterprise Needs to Shift to Data-centric Security Approaches – We Agree

December 19, 2014
By Kris Bondi

Earlier this month, Mari Silbey’s Light Reading article, Ericsson Calls for Data-centric Security Approach, reported that Ericsson Head of Cloud Technology Jason Hoffman had called for companies to move from trying to secure entire systems to focusing on securing the important data within it. At the Mobile Network Security Strategies event, Hoffman said it “won’t be long before our data systems are all massively distributed, and there are substantially more connected devices than humans.” Arguably, if we aren’t there yet, it seems as if this shift in numbers will happen any day now. With data distributed geographically, as well as in a growing number of endpoints, focusing on hardware lockdown is the wrong approach.

At Moka5, we agree that securing data is critical, but how you secure sensitive data is equally important.

For example, many companies attempt to secure data by requiring work-related information to only be accessed remotely through a desktop in the data center, while others lock down endpoints. Unfortunately, neither of these approaches reflects the true nature of how knowledge workers – employees, contractors, agents, etc - work in today’s world. For example, I am writing this blog post while on a flight sans WiFi. If my only access to my work environment required a VPN connection to the network, I would be relegated to scribbling notes for later. That may not seem too bad, but what if I was calculating customer-related metrics? I would either be unable to work OR maybe I would email the sensitive information to my personal laptop so I could continue to work outside the “locked down” environment. Suddenly, limiting access or securing hardware doesn’t seem like such secure options.

By working in my Moka5 secure container, I’m able to access my work files online or offline, while still keeping them siloed from my personal information. With over 130 security policies, my IT department has set parameters for my container that match the company’s corporate policies as well as my position. Say, for example, I was an external developer. The policies could be set so that I’m unable to email information out of the container or utilize the host machine’s peripherals; meanwhile, a mobile executive would have more flexibility. In both of these cases, the data is secured AND how the end user interacts with it is appropriate for each of their roles.

Simply stated, containerization is a data-centric security approach that has the flexibility to match IT’s corporate security needs AND how their end-users work. To hear exactly how Moka5’s containerization works, watch this great video overview by the always entertaining and informative Moka5 Chief Architect Ian McWhilton.

Comments are closed.