News Stay informed about the latest enterprise technology news and product updates.

IT's balancing act between mobile security and privacy

IT continues to walk a fine line between securing employee devices and allowing them a level of privacy.

ATLANTA – Securely managing employee mobile devices is necessary, but to do so while respecting their privacy and not overstepping boundaries is also important.

While enterprise mobility management (EMM) has become a necessity in corporate mobile environments, AirWatch acknowledges that privacy fears can be a barrier in adoption as some employees may view IT managing their phones as big brother watching their every move.

"We have a right to keep our devices secure, we have a right to keep our data secure but nobody has the right to infringe on our users’ privacy," said Noah Wasmer, vice president of strategy and CTO of end-user computing at VMware, during a keynote at AirWatch Connect here this week.

Through its Privacy First initiative, AirWatch will release new tools and educational resources that are baked into the platform in the fourth quarter of this year, aimed at greater transparency.

Employees will be able to onboard their own personal and corporate devices into the corporate management platform without the help of an IT admin, and can dynamically see what is and what is not being pulled from their device. They will not have to read through an entire terms of use policy notice, as the information will be clearly presented to them as they go step-by-step through the onboarding process.

AirWatch will also support two-factor authentication to track an employee's GPS. This means there will need to be two passwords by two IT admins entered to track that information, so two admins will have to know what command was given. This will be logged into the corporate system for record, and the employee will know that their GPS is being tracked by IT. These features are not available today, and will be available by the end of the year. 

AirWatch shared some of its privacy best practice tips that it urges admins to follow. One example is to keep personal information on a user’s device separate from corporate data. This way, IT does not wipe a user’s personal content in the event that an employee leaves the company or the device becomes compromised. IT will also not be able to see personal information about the employee that is not work related, such as information that suggests an employee's political views, religious beliefs or sexual orientation.

Another best practice tip is to not track GPS locations of employees to avoid invading the user’s privacy when they are not at work.

"We allow user-owned personal devices," said Brian Holt, ARMS IT analyst for Southern Company, an energy and utilities company with over 10,000 employees based in Atlanta. "The devices have their personal emails and other content on there, but it’s enrolled in AirWatch, so the company email and company information is separate from personal content. The company can’t see their personal information."

If an employee leaves the company, IT can remote wipe the corporate information from their device without wiping personal information, Holt said.

 Employees are informed that if their devices have company information on it, they have to allow some level of knowledge into the device in order to manage it. The employees are given a choice between using their own personal device or one given to them by the company for corporate use.

While many admins have a strict EMM policy in place, other companies admit that they are still working on their plan.

"Our policy is sort of non-existent," said an IT administrator for an American utilities company under the condition of anonymity. "It’s an unspoken policy, and we are constantly trying to write it and figure it out."

While the company does not fully embrace BYOD, it has grown from a handful of corporate devices to over 1,200, the admin said. Despite this boom in managed devices, the admin noted that his company currently has more than 600 devices that are still not being managed.

Employees are allowed to use their native email client, which IT does not have any control over, the admin said. This is something he hopes changes, in addition to adopting a secure browser, and a corporate app store configuration.

"Security as well as privacy are definitely important, and we know we have to do something about it," the admin said. "AirWatch is definitely helping us think about what we need to do going forward."

While the balance of mobility management and privacy can be tricky, so is the balance between security and productivity. Depending on the companies' line of work, it may be more beneficial to have stringent security protocols ignored to access corporate apps and data, while other businesses can afford an authentication system with less complexity.

"We’re a power utility company that also operates nuclear plants, so security is a huge thing for us," Holt said. "Sometimes our security is so tight that we can’t get business things done because we have to log into so many different things just to get to onto the app we need in order to do our jobs."

The strict security protocol is understandable, Holt said, despite employees wanting it to be easier.

"In our case, erring on the side of too secure than not enough is probably for the best," he said. "I think AirWatch is doing a good job of allowing security to be configured to the level of deemed appropriate, and Not just throwing out a level of security that you have to live with."

Ramin Edmond is a news writer with TechTarget's End User Computing Media Group. Contact him at Redmond@techtarget.com.

Dig Deeper on Enterprise mobile security

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

6 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How do you balance security and employees’ privacy?
Cancel
I think the answer is that security has to come first. At my organization, a waiver is required in order to use a personal mobile device for work purposes. If you're not comfortable with that, then you don't go through the process. I don't use my phone for work purposes, and I'm totally fine with that.
Cancel
Sorry, workers using corporate devices and business networks have nearly zero privacy rights... That's why you keep personal devices and data separate from business...
Cancel
Business's security is primary - even for employee's own benefit. Employees can choose to either use organization provided devices or use their own devices in limited fashion - so their privacy is taken care of and the organization's security is not threatened as well.
Cancel
Airwatch is taking a step in the right direction by providing tools that allow users to see what is and what is not being pulled from their device. Transparency is going to be key in obtaining user buy-in on security measures that could impact their privacy.
Cancel
While maintaining a balanced line between mobile security and privacy, another important aspect to take into consideration is that security should not be replaced by convenience. Proper EMM, blacklisting of apps and stringent policies should be adhered. At the same time, employees need to be educated on the importance of security.

With BYOD & IoT's trending worldwide, the need of hour is to be aware and proactive towards mobile security. Its a top priority for us at Appknox.
Cancel

-ADS BY GOOGLE

SearchNetworking

SearchTelecom

SearchUnifiedCommunications

SearchSecurity

Close