It may be more convenient for workers, but BYOD — Bring Your Own Device, in which employees, especially at large enterprise firms, use their smartphones for both personal and business use — is a major hassle for corporate IT departments.
When employees were using their company-issued devices strictly for company work, system administrators had a large measure of control over how that data could be used — a crucial security feature, especially nowadays, as cyber-attackers and hackers develop ever more sophisticated tactics to steal data. There are many solutions out there to ensure data safety on dual-purpose devices, but few are as elegant as the one that data security company Red Bend has developed for Samsung, which was introduced at the Mobile World Congress in Barcelona this week.
There’s a golden rule among network security administrators: the more exposed a device is to the Internet, the less secure it is. When a device is used strictly to interface with a company’s mail or data server, it’s easy to set up a secure data pipe for communications that is unlikely (or at least less likely) to be compromised by hackers.
But when a device is used for personal needs as well — with an employee checking out Facebook, Twitter, and other public social networks and websites — the opportunities multiply for hackers to “invade” the phone. Users can inadvertently click on a rogue link or download a contaminated file that will contain a Trojan or virus that can enable a hacker to take control of the phone, or steal login and password information, allowing them to get access to important data or corporate servers.
The problem affects all smartphones, but especially those that run the Android operating system. Android is an “open” OS, and allows users to make changes and adjustments to the way the phone operates. For developers, this is a good thing; for security administrators, however, it’s less than ideal, as it allows hackers to easily manipulate the OS for their nefarious purposes.
To deal with BYOD, IT managers often deploy third-party applications to “rope off” secure data, or management applications that let them set up security parameters. But those solutions aren’t as all-encompassing as they need to be; the very presence of a rogue file on the device means that, despite the security layers, data on the phone is almost certain to be compromised at some point. Even if the company imposes a strict encryption and strong-password policy, all it takes is one mistake or lapse to compromise an entire data system. The odds are just too great.
Red Bend, an international company that started out in Israel and has a large R&D facility here, has developed what it hopes will be a more secure — and elegant — solution to the BYOD enterprise dilemma: a “dual-persona” version of the popular Samsung Galaxy S III smartphone that will sport two separate versions of the Android OS. One can be used by corporate administrators to provide a secure environment for corporate data, with administrators “locking down” the OS to prevent any outside interdiction; the other can be used as a “regular” OS to allow users to access their favorite apps, without fear that a hack attack could bring down the corporate server.
Red Bend has been around since 1999, and during the past decade-and-a-half it has developed a plethora of security systems for smartphones. For example, Red Bend is responsible for nearly three-quarters of the wireless software updates for cell phones around the world, using a secure automatic firmware over-the-air (FOTA) update system which both ensures that phones get the right software from the right source and prevents hackers from using firmware updates as yet another channel by which to spread their poison.
“We are very excited about offering enterprise trials of Red Bend’s true BYOD solution,” said Yoram Salinger, the CEO of Red Bend Software. “Collaborating with Samsung to offer a virtualized smartphone featuring dual personas is a major milestone. This will drastically improve how IT departments support BYOD and how consumers seamlessly move between their work and personal lives using one device.”
Commenting on the deal, Jae Shin, Samsung’s vice president of the company’s B2B alliance group leader of mobile communications division, said “Samsung consumers have come to expect the same rich Samsung user experience they love, whether they are using a personal or business smartphone. Red Bend offers a smartphone solution for BYOD to meet these needs of employees, as well as those of IT managers.”