Welcome!

Microservices Expo Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Carmen Gonzalez, Pat Romanski

Related Topics: Cloud Security, Mobile IoT, Microservices Expo, Machine Learning , Agile Computing, Wearables

Cloud Security: Article

How to Re-imagine Your Business for a Mobile World

And keep your data safe while doing it

There is little argument at this point that the mass adoption of mobile technology and bring-your-own-device (BYOD) strategies by enterprises is a true business technology revolution. At the core, the catalysts driving this revolution are the vast array of mobile devices leveraging soaring bandwidth - 4G - and super-fast internals - quad-core processors - which have become commonplace.

With this high-bandwidth, ultra-capable combination, end users see the productivity and convenience possible by running the newest, most sophisticated business applications on their own personal mobile devices.

And it's not just end users who can benefit. A recent Symantec survey found that innovative companies - early technology adopters, especially of mobile technology - are seeing significantly higher revenue growth and higher profits than traditional organizations; in fact, by nearly 50 percent.

The question facing every enterprise is, "Are we re-imagining our business with mobility as a central component?" Here are some suggestions on how to accomplish this, while keeping sensitive business data secure.

Evaluate App and Data Needs
The previously mentioned Symantec survey found that 84 percent of those successful, innovative companies are proactively adapting their businesses based on business drivers rather than simply reacting to user demand. So, companies need to evaluate. Thus, the first step in re-imagining business in a mobile world is to determine the apps and data end users could utilize - beyond email - to get their jobs done more efficiently.

App Type
Apps for CRM, e-Health and ERP are just a few good examples of line-of-business apps companies in different industries can leverage to improve productivity through mobility. Add to this list cloud-based file storage apps that give users access to their data across computing platforms.

Data Access
Beyond app type, companies must take a closer look at target user groups to determine each segment's specific data access needs. Some users might need resident data on their devices, while others who are likely to have connectivity all the time can manage with cloud-based data. Understanding each group's specific needs will help determine the type of technology approaches possible.

App Procurement
Once app type and data access requirements are well understood, companies need to explore app procurement. For some, the only way to get exactly what is needed is to build a custom app or have one built for them. However, hundreds of thousands of apps are already available for the most popular mobile operating systems and, in many instances, the perfect app likely already exists.

Keep App and Data Security Top of Mind
The Symantec survey referenced earlier also found that the innovative companies who are leading the way in mobility adoption also experience about twice as many mobile security-related incidents, such as loss of corporate data. This leads to a second question enterprises must ask, "How do we keep our sensitive data safe in a mobile world?"

From a high level, there are really two approaches to keeping business data on mobile devices secure. The first is protecting data at the device level and the second is protecting it at the app level.

Device Level Data Protection
Data protection on mobile devices at the device level largely involves mobile device management (MDM) software. MDM provides business IT with control over complete devices and, as such, policies can ensure devices are password-protected and also provide the ability to remotely lock or wipe devices in the event of a loss or theft and even prevent the forwarding of emails.

However, MDM cannot address other data loss-related concerns such as copy and pasting of sensitive information or, more important, protecting corporate data in applications beyond the email client.

Thus, the device level approach creates an environment where it becomes far too easy for sensitive data to mingle with personal apps and leak out through, for example, a web-based email account, social networking application or personal cloud storage. This can all occur without IT ever knowing.

App Level Data Protection
The next logical area where enterprises can implement and enforce policies to keep data on mobile devices secure is at the app level. The previous iterations of this approach involved sandboxing technologies, where corporate data on mobile devices is held in an established digital container on devices, and data flow from the sandbox or container is controlled. This approach prevents the confluence of personal and corporate data, the ability to copy and paste data accessed from within the sandbox to other areas on the device, and unauthorized email forwards from within the sandbox.

This sandbox approach worked well when email was the only app businesses wanted to mobilize. However, as companies re-imagine their businesses with a focus on mobility, this approach falls short. Any corporate app that needs protection has to be built in or modified to fit into the sandbox. With the diversity of apps available, this approach is very limiting and even the early proponents of this technology are moving on to other strategies.

One of these strategies is mobile application management (MAM), which addresses the limitations of sandboxes while still meeting corporate security needs. MAM technology allows companies to wrap their corporate apps and the data tied to them in their own security and management layers. This gives enterprises complete control of their apps and data while leaving user-owned information untouched. In contrast to the legacy sandboxing approach, it does this without any additional overhead, either from affecting device usage or source code modifications.

With MAM, controls such as authentication, encryption, data loss prevention and expiration - apps and data can be manually expired or set to automatically remove themselves from devices based on perimeters established by administrators - can all be applied to corporate apps and other resources on otherwise unmanaged, user-owned devices. In this way, complete end-to-end visibility and control over where sensitive data is flowing - regardless of what mobile application or service is being used to traffic the data - can be achieved and, just as important, maintained.

In addition, MAM allows multiple corporate apps to securely communicate with each other and for data traffic segregation, so all traffic from corporate apps can be routed through the corporate network while the personal traffic is left unmonitored.

It is important to note, however, that MAM as a term is being used loosely within the industry. Different technology vendors use it to describe different things. Some refer to app distribution functionality as MAM and still others refer to simple app blocking as MAM.

From an enterprise perspective, however, MAM should be more than that. More than simply distributing the right apps and blocking the wrong ones, MAM is about protecting the corporate apps and data on mobile devices by taking management from a device level to an application level. It is the most effective tool for separating corporate data from personal data to make safe, effective BYOD policies possible.

Re-imagining business for a mobile world, while not without its growing pains, can be a fairly straightforward process. However, to re-imagine business for a mobile world confidently, MAM should be a part of every discussion.

More Stories By Swarna Podila

Swarna Podila serves as a senior manager with the Enterprise Mobility Group at Symantec, responsible for the messaging, positioning, go-to-market strategy and overall evangelism of mobile security and management products and services. In her role, she focuses on the enterprise routes to market, messaging the solutions for on-premise and cloud deployments. At Symantec, Podila has promoted the idea of user-centric and information-centric view and anytime, anywhere productivity.

Prior to Symantec, Podila served a product marketing consultant at Citrix. There she was responsible for the messaging and launching of the company’s networking products. Prior to Citrix, she worked at a software startup and was responsible for their transition from stealth mode to a mid-sized company. She was responsible for product messaging, identifying routes to market and sales enablement. With over 10 years experience in the IT industry, Podila has held a number of roles in product strategy, marketing and engineering. She has an undergraduate degree in Electronics and Communications Engineering and an MBA from Santa Clara University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership abi...
The essence of cloud computing is that all consumable IT resources are delivered as services. In his session at 15th Cloud Expo, Yung Chou, Technology Evangelist at Microsoft, demonstrated the concepts and implementations of two important cloud computing deliveries: Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). He discussed from business and technical viewpoints what exactly they are, why we care, how they are different and in what ways, and the strategies for IT to transi...
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service.
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
As software becomes more and more complex, we, as software developers, have been splitting up our code into smaller and smaller components. This is also true for the environment in which we run our code: going from bare metal, to VMs to the modern-day Cloud Native world of containers, schedulers and micro services. While we have figured out how to run containerized applications in the cloud using schedulers, we've yet to come up with a good solution to bridge the gap between getting your contain...
As organizations realize the scope of the Internet of Things, gaining key insights from Big Data, through the use of advanced analytics, becomes crucial. However, IoT also creates the need for petabyte scale storage of data from millions of devices. A new type of Storage is required which seamlessly integrates robust data analytics with massive scale. These storage systems will act as “smart systems” provide in-place analytics that speed discovery and enable businesses to quickly derive meaningf...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In his Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, will explore t...
DevOps has often been described in terms of CAMS: Culture, Automation, Measuring, Sharing. While we’ve seen a lot of focus on the “A” and even on the “M”, there are very few examples of why the “C" is equally important in the DevOps equation. In her session at @DevOps Summit, Lori MacVittie, of F5 Networks, explored HTTP/1 and HTTP/2 along with Microservices to illustrate why a collaborative culture between Dev, Ops, and the Network is critical to ensuring success.
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Everyone wants to use containers, but monitoring containers is hard. New ephemeral architecture introduces new challenges in how monitoring tools need to monitor and visualize containers, so your team can make sense of everything. In his session at @DevOpsSummit, David Gildeh, co-founder and CEO of Outlyer, will go through the challenges and show there is light at the end of the tunnel if you use the right tools and understand what you need to be monitoring to successfully use containers in your...
What if you could build a web application that could support true web-scale traffic without having to ever provision or manage a single server? Sounds magical, and it is! In his session at 20th Cloud Expo, Chris Munns, Senior Developer Advocate for Serverless Applications at Amazon Web Services, will show how to build a serverless website that scales automatically using services like AWS Lambda, Amazon API Gateway, and Amazon S3. We will review several frameworks that can help you build serverle...
The IT industry is undergoing a significant evolution to keep up with cloud application demand. We see this happening as a mindset shift, from traditional IT teams to more well-rounded, cloud-focused job roles. The IT industry has become so cloud-minded that Gartner predicts that by 2020, this cloud shift will impact more than $1 trillion of global IT spending. This shift, however, has left some IT professionals feeling a little anxious about what lies ahead. The good news is that cloud computin...
SYS-CON Events announced today that HTBase will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. HTBase (Gartner 2016 Cool Vendor) delivers a Composable IT infrastructure solution architected for agility and increased efficiency. It turns compute, storage, and fabric into fluid pools of resources that are easily composed and re-composed to meet each application’s needs. With HTBase, companies can quickly prov...
An overall theme of Cloud computing and the specific practices within it is fundamentally one of automation. The core value of technology is to continually automate low level procedures to free up people to work on more value add activities, ultimately leading to the utopian goal of full Autonomic Computing. For example a great way to define your plan for DevOps tool chain adoption is through this lens. In this TechTarget article they outline a simple maturity model for planning this.
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture. Moderated by Andi Mann, panelists discussed how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations might...
The rise of containers and microservices has skyrocketed the rate at which new applications are moved into production environments today. While developers have been deploying containers to speed up the development processes for some time, there still remain challenges with running microservices efficiently. Most existing IT monitoring tools don’t actually maintain visibility into the containers that make up microservices. As those container applications move into production, some IT operations t...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
Software development is a moving target. You have to keep your eye on trends in the tech space that haven’t even happened yet just to stay current. Consider what’s happened with augmented reality (AR) in this year alone. If you said you were working on an AR app in 2015, you might have gotten a lot of blank stares or jokes about Google Glass. Then Pokémon GO happened. Like AR, the trends listed below have been building steam for some time, but they’ll be taking off in surprising new directions b...
@DevOpsSummit has been named the ‘Top DevOps Influencer' by iTrend. iTrend processes millions of conversations, tweets, interactions, news articles, press releases, blog posts - and extract meaning form them and analyzes mobile and desktop software platforms used to communicate, various metadata (such as geo location), and automation tools. In overall placement, @DevOpsSummit ranked as the number one ‘DevOps Influencer' followed by @CloudExpo at third, and @MicroservicesE at 24th.