This content is part of the Essential Guide: Managing information security amid new threats: A guide for CIOs
Get started Bring yourself up to speed with our introductory content.

What are the best security tools for mobile collaboration?

In this Ask the Expert from the Catalyst conference in San Diego, Gartner Analyst Mario de Boer talks about secure enterprise mobile collaboration, including why MDM and AV aren't effective security measures.

What are the best security tools for mobile collaboration?

We're talking about collaborating in teams that you may not have a pre-existing relationship with. Are you going to force your MDM on all those devices? Well that's not going to work, right? Managing all those devices is not going to work in that situation.

If I'm malware, and I'm running on this device, can I access data that lives in the context of another application? Generally these devices are pretty secure. The only way to do that is by rooting, jailbreaking, or otherwise getting privileged access to the device. Well guess what, if I'm that clever then I can write malware that breaks the privileged levels of that device and I can probably disable anti-malware as well, right? So anti-malware isn't really going to help you with protecting your data.

Luckily many of the modern mobile devices have pretty good data protection and access control on the device itself.

Mario de Boer Mario de Boer

We [also] have container solutions, we have mobile application management and we have more and more enterprise solutions like enterprise file share solutions that do a very good job protecting the data that is stored on these mobile devices.

But ideally, the user or company would be able to protect the data itself, not just the applications through rights management control -- dictating who can see or alter the information you share and who cannot -- and to do the data protection locally, right on the mobile device itself.

What I really would like is to protect data itself and not care about the applications. Using rights management, for example. If we cannot use that, then we have to rely on, for example, enterprise file sync and share that run[s] on your device to do the access control and to do the local data protection on the device itself. And believe me these solutions are getting better and better at doing so. And forget about managing the whole device because that's not going to work in mobile collaboration.

Move mobile collaboration environment to the cloud

First of all, we use cloud services not only to avoid opening up your internal network but also because many of the cloud solutions are actually well equipped to support mobile devices, to support multiple user groups  from different organizations and be very reliably available. The risk, of course, is that you lose control. You have to relinquish some of your own control and trade it with trust.

[But] the best bottom line is to avoid using internal networks all together. Go to the cloud with your collaboration environment.

Cloud solutions remediate the risk of giving remote access… the only thing you have to take care of here is that you trade the risks of giving more access to general applications with having trust.

Secure apps by offering users alternatives

Make sure that you have enterprise alternatives for collaboration applications that have a user friendliness that can actually match the solutions that people get for free. Now it sounds hard to do, right? How can I match the usability of Dropbox? Well you can because you are an enterprise. You can provide for your users a solution that not only syncs and shares files but that syncs and shares files plus gives access to internal home folders, plus gives access to your SharePoint environment, plus integrates with your presence information. You can make a much better solution than the free solutions can. So that's an opportunity.

You can also again… use rights management control to control the data itself. Now I control access to that data irrespective of the application I use. Whether it's enterprise file sync and share or just cloud storage or email I don't care… and I can change the policy at any moment that I want.

From Mario de Boer's presentation on the "Five Biggest Security Issues in Mobile Collaboration" at Gartner's Catalyst Conference in San Diego. De Boer is a Gartner analyst for the Technical Professionals Security and Risk Management Strategies team. His main areas of focus are endpoint and mobile device security, Web browser security, and social media, email and collaboration security. He has more than 15 years of industry experience in security, risk and compliance topic areas, working for enterprises, government organizations and consulting firms.

Next Steps

Put security in the hands of the BYOD user

Six steps to block mobile app security problems

Mobile app security trends

Secure mobile business apps

Dig Deeper on Enterprise data privacy management

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What is your most effective tool for secure mobile collaboration?

The article is short and concise, however to provide end to end mobile security there will be need for a combination of numerous technologies as there seem to be no single solution in sight.

For me, I have implemnted the combination of a number of solutions and some are really cheap.

The cheapest architecture was with Owncloud and AD RMS offering the filesync, remote access to internally data and persistent document protection. However it lacked integration with internal file servers and sharepoint.

The pricey solutions involved the EMC Simplicity and SAP Mobile Docs, Mocana and Afaria combination.

Note that Microsoft SharePoint (AD RMS integrated) and Office Outlook actually offers offline sync of SharePoint document sites which also gives offline access to files

All in all, there is no one single solution yet

I wonder if a VM periodically updated environment for cell phones and tablets could help to limit the infections that could come.