Compliance convergence and control

Compliance, convergence and control

Today's security landscape demands governance, risk management and compliance (GRC). And, these demands are compounded by the need to prove GRC and provide for litigation readiness

Souma Das, Citrix India

Tuesday, December 11, 2007

Let’s be clear: users are not doing this because they’re malicious – they’re doing it because they crave the additional functionality, or they need to be connected at all times in this highly competitive world. Oftentimes, people are doing it to meet their lifestyle.

They’re being asked to do all kinds of things outside work today. Let’s say they’ve committed to their boss or to a customer to get a particular task done. They save their data to a SD card, a USB stick or a mobile device. They don’t do it, saying: ‘I am going to take this information and put it at risk and put it in an unsecured location’. They do it because they genuinely believe they’re trying to get something done and help the organisation.

That’s where we’re running into a culture clash. In the past, the tendency with security has been to lock it down. And that’s a big problem because 100% secure is 100% unusable. The end user just sees security as something that slows them down and gets in their way. Organisations have to be able to find a way to provide security for these types of situations but make it a benefit to the user. Security must be addressed across the Application Delivery Infrastructure.

Instead of telling users that they can’t use a mobile device any more, or can’t connect to corporate resources, what if there was a way that the organisation can manage that data regardless of whether the device was purchased by the company or purchased by the end user?

And as an extra benefit, wouldn’t it be great if the end user could go out and buy any type of device and always have the same applications and same data? You don’t have to reinstall and translate and everything else. What if you had a corporate-ready view on this phone?

That technology is available today. Organisations can give end users the applications they need on any type of device regardless of where they are. Virtualisation solves the expensive problem of gathering data that was outlined earlier, because the information stays in the datacenter. If users want to take information home and work on it, they can do so without that data ever leaving the corporate network.

<<PREVIOUS NEXT>>

Would you like to Comment on this Article?