Skip to main content

Isolating Corporate Data on Consumer Devices

By Alan Giles | December 14, 2015

 

Consumer devices have become standard in the enterprise, regardless of how they are provided – by the organization or the employee themselves. This change requires new ways to isolate, manage and secure corporate information and data. One approach is ‘containerization’, in which you place a virtual container on the device separating the organizational data from the employee’s personal information. Although sound from an IT standpoint, there's been push-back from end-users when it comes to mobile devices, and phones in particular. If users have to perform too many clicks to get to the data they want or if they have to use the phone in a way that's alien to them, they'll simply stop using it.

Worse than that, they’ll deploy some workaround and expose the organization to potential risks of malware and data loss. So what’s the best approach to manage an ‘unmanaged’ device? The most important aspects are the apps themselves, the data that resides within apps and the control and management of those apps. Today, a user can go to an app store and download one of many Salesforce apps available. They can log on and start using it, but in doing so they introduce risk as data could be flowing over the internet unsecured. However, if IT has pushed a company-approved Salesforce app to the user through an enterprise mobility management solution such as Snow Device Manager, it becomes a ‘managed’ app.

Now, when users open Salesforce on their device, a VPN tunnel is established,  so rather than the data going through the public internet, it flows through the organization’s network. All this happens without any degradation in user experience. The VPN does not alter how a user interacts with the app, but in the background IT is able to monitor usage of it, in the knowledge that all data is encrypted and secure.

Also, the IT team is able to wipe the device remotely without any interaction from the user (in case the device is lost or the individual is no longer an employee). The biggest difference between a company-approved app and an app ‘out there’ on the internet lies in the way users initially get the app. 

The managed app would be pushed to their device, rather than be downloaded from an app store by the users. They could also get the secured apps from a self-service browser-based portal managed by the organization.

Here, the only ‘intrusive’ part in the process is the need to create a profile – user name and password – to verify that the user has the right permissions to download the apps. Once that’s done the user can download any number of apps from the portal without introducing any risk to the organization. In essence, each secured app becomes an individually containerized solution, giving the organization all the controls it needs over the app while empowering the individual to access the data and information he needs to be productive.

To learn more about containerization and what an Enterprise Mobility Management solution can do for your organization contact a Snow SAM specialist today.

You May Also Like

Study: Hybrid Work Is Here to Stay, Bringing Its Own Mix of Complexities
Study: Hybrid Work Is Here to Stay, Bringing Its Own Mix of Complexities
We surveyed 400 IT leaders to determine the current state of hybrid work and technologies and found that more than 92% were moving or had already moved to a hybrid work mode.
Read More
Snow User Summit: 3 Topics Changing the IT Landscape in 2021
Snow User Summit: 3 Topics Changing the IT Landscape in 2021
During the 2021 Snow User Summit, our panel of Snow experts explored three topics fundamentally changing the IT landscape.
Read More
Snow 2021 SAP Forum: Global Conversations on Today’s Biggest SAP Challenges
Snow 2021 SAP Forum: Global Conversations on Today’s Biggest SAP Challenges
Check out some of the highlights from the Snow 2021 SAP Forum including conversations around S/4HANA, how to maximize ROI on your SAP investment and more.
Read More