MSP Today Expert Feature
September 19, 2013

When it Comes to BYO, Securing the End Device is a Losing Proposition for the Enterprise


When it comes to the bring-your-own (BYO) trend, Moka5 operates on a pretty basic tenet. It is one that extends from the end device all the way to the cloud, and covers all points in the middle, regardless of how they may be configured.

"There will always be ways to thwart device security and device management," says David Appelbaum, senior vice president of marketing at Moka5. "Don't manage the device, assume the device is corrupted." Given the myriad security solutions on the market today aimed at isolating the end device, or a specific application, or even a specific network, that's a pretty bold approach. And yet, the world is pushing toward a BYO model in which end users are employing their own PCs, laptops, smartphones and tablets to move data all over the place. The cloud can present a wild card in that equation depending on how it is used, and so Moka5's concept of protecting data and not individual devices is a sound one.

Moka5, based in Redwood City, Calif., secures the workspace instead of end devices, locations or specific applications. The company uses client virtualization to create "containers" that essentially isolate the end user's workspace from the end device and over whatever network is being used, to wherever data is traveling. Transactions are fully encrypted within the container, while users' personal data and apps may continue to reside on their end devices, outside of the Moka5 secure perimeter. The company's platform may be used for everything from desktops to smartphones to tablets.


Image via Shutterstock

The container is created using the BareMetal principle in which client-virtualization software is installed directly on any machine. Once the Moka5 workspace is created with all the relevant apps and data, isolated from the underlying OS, the software creates a single "golden" image for all corporate devices. That image may be updated, modified or deleted completely from a device within seconds through central management.   

"What you're getting is essentially a second computer," says Appelbaum. "Why would you spend the time and money to update a $500 or $600 device?" He added that with smartphones, laptops and other end-user devices now commodities for most remote workers, fueling the BYO trend, it doesn't make sense to issue each user a costly corporate device, with regular software and security updates required that an in-house IT department must perform.

And yet many large enterprises are clinging to an expensive, resource-intensive method of managing remote workers, and one that flies in the face of BYO. As more and more C-level executives employ smartphones and tablets and insist on using them to access corporate email and other data, IT departments have been forced to support those devices. And they are doing that in the manner they're accustomed to, which is to secure the device.

"The problem is when you take that kind of approach, you're suddenly dealing with systems that are very heavy, intrusive and costly," said Appelbaum. "It defeats the purpose of why you're using the device in first place - because it's lightweight and flexible." He added that heavyweight apps meant to secure end devices often fail to differentiate between which data and apps belong to the end user and which are corporate. In a nutshell, it's not an effective way of isolating work from play.

Moka5 believes cost savings will be the ultimate driver in propelling enterprises to adopt a new approach to BYO. When companies realize just how much they can save by securing data on workers' existing BYO devices as well as network access, they will understand the true value of this approach.

And as far as the cloud is concerned, adoption and deployments should not interfere with BYO. People are used to popular cloud apps like Dropbox (News - Alert) for moving data and that's not likely to change any time soon, according to Appelbaum. But cloud-based file sharing, storage and other apps may be used effectively within Moka5 containers, eliminating security headaches for IT administrators. The company also plans to make its own cloud announcement during the first half of 2014.

Moka 5 is now focusing on the Asian market, with its evolved mobile infrastructure and growing deployments of BYO and remote and offshore contractor scenarios. The company is releasing a Mandarin version of its platform, and is working with distributor Lenovo (News - Alert) to expand their footprint in the overseas market.




Edited by Alisen Downey




Comments powered by Disqus