The security of mobile devices and the enterprise data they access and store has presented more than a few challenges for IT departments and administrators this year. According to a recent report from CSO Online, researchers continue to tinker with various measures that could better protect smartphones, tablets and their data.
CSO reported that officials associated with the Virginia Tech Applied Research Corporation have devised data security measures unlike any other on the market.
It was the argument of researchers that mobile security features ought to focus on protecting actual data rather than the mobile device itself. With that in mind, they modified Google's Android mobile operating system, according to the CSO report, to equip it with cutting edge data protection features that centered on information.
"This level of complexity and security, nobody else has," Jules White, an assistant professor of electrical and computer engineering at Virginia Tech, said in a statement, according to CSO.
Specifically, the Virginia Tech researchers devised security measures that give IT departments more control over the data housed on and accessed by mobile devices like never before. For example, researchers gave mobility administrators complete control to determine what data and which apps devices can access and launch once they leave a certain area.
In terms of how such features could be used, CSO gave the example of a research and development team. They would work with a device within the confines of their lab, then, once the device leaves that area all information can be wiped so no secrets get out.
"There are commercial products that do limited versions of these things, but nothing that allows for automating wiping and complete control of settings and apps on smartphones and tablets," White said, according to CSO.
Virginia Tech's researchers certainly aren't alone in promoting the notion that data security measures should now be focused primarily on data, rather than hardware. In a separate report, CSO also highlighted the findings of the recent Human Behavior and Security culture workshop, which was hosted by Dartmouth College's Tuck School Business.
At the event, attendees came to the conclusion that companies should now focus on managing data, not hardware. There are simply too many new devices being brought to work for the IT department to oversee the use of all.
Instead, Dartmouth conference attendees said, companies should "herd" data into designated areas and only allow access from that point. CSO called the practice a "Hotel California" model, where data can be checked out, but can never leave the specific area.
Similar points were again argued by data security experts for Trend Micro in a recent interview with ZDNet Asia. They revealed that the landscape for the creation and use of data has now dramatically changed so much that companies must also consider new approaches for keeping it safe.
In the interview, the experts said that "context-aware" measures are now needed to follow data throughout its lifecycle, including as it moves in and out of the company network between on-premise and cloud-based systems.
However companies plan to secure data, it's becoming increasingly clear that something must be done to protect organizations' mobility programs, experts say. Between personally owned and corporate-liable smartphones and tablets, the flood of devices into the enterprise will continue moving forward.
Although, it appears many companies will soon recognize this need and invest in new mobile security solutions. According to research firm Canalys, spending on such tools will increase 44 percent annually until 2015.
Consumerization News from SimplySecurity.com by Trend Micro