@biz_mobility, 11. 5. 18. 오후 11:25

Philippe Winthrop (@biz_mobility) 11. 5. 18. 오후 11:25 Enterprise Mobility: What's a CSO to do? http://bit.ly/j7DkBD

During a highly charged conference session at last week's Interop trade show in Las Vegas, moderator Philippe Winthrop, managing director of the Enterprise Mobility Foundation, posed what seemed like an innocent enough question: "How do chief security officers handle mobility?"

After panelists from mobile device management (MDM), security and telecom expense management (TEM) suppliers debated the issue for an hour with attendees, the bottom-line takeaway was simply to "start somewhere." The reason was that a show of hands revealed fairly nascent progress with deployments among the enterprises represented by attendees.

TRADE SHOW RELEASE: Google Android, Apple iOS devices corralled by new device manager

About a third of the approximately 100 attendees at the session said they had some form of mobility policy in place but admitted it wasn't necessarily "fully baked." Only a few said their companies had updated their mobility policies in the past year, and still fewer said their enterprises distinguished between individual-liable and corporate-liable devices.

Related Content

• Hot products at Interop 2011SLIDESHOW
• Unchecked usage can kill cost benefits of cloud services
• Interop: Cloud services take a beating in debate over security
• Businesses need to look at security as a military operation

View more related content

Get Daily News by Email

One reason for the lack of progress with MDM and policy enforcement is that the mobility landscape remains in constant flux and is a moving target. One big issue is the fact that all mobile operating systems except BlackBerry have licensed theMicrosoft ActiveSync protocol for push email, noted panelist Sunil Marolia, VP of product management at Smith Micro Software.

ActiveSync offers about 50 policies, but the different mobile OSs support different ones -- and which ones they support depend on the OS version number, Marolia pointed out. Meanwhile, the ActiveSync policy support is dwarfed by the 400 policies currently supported by Research In Motion's BlackBerry Enterprise Server (BES) for BlackBerry handsets.

So the situation gets complex fast in enterprises where the bring-your-own-device (BYOD) mantra is in full swing. Because of these inconsistencies, Eric Januszko, CTO at ProfitLine, suggested that "in the short term, the CSO has a choice: Standardize on a few platforms or standardize on a few policies."

He also suggested tackling policies for tablets first, which John Marshall, CEO of AirWatch, seconded.

"The tablet means more content, which means more risk than a smartphone," Marshall said. He quipped that the mobile security situation in enterprises is in its "honeymoon period. With the first class-action lawsuit, things will get more complex."

Read more about wireless & mobile in Network World's Wireless & Mobile section.

Joanie Wexler is an independent networking technology writer/editor in Silicon Valley.

DK Park from iPad2