Moreover, 85 percent of the respondents admitted to downloading apps to their smartphone or tablet (the same one used for work in the Federal space), that exposed the device and the data held on it to a larger degree of risk than if there was a clear separation of usage. This separation, which clearly defines apps for work and play, and keeps the device from crossing over between the two, is part of what Samsung is offering.
Samsung is pushing a solution called KNOX when they make their bid for secure mobile devices. It sits on top of a hardened install of Android, and includes an app container that will enable administrators to split personal apps and data off from the confidential data and business apps. In addition to the separation that comes from the app container, the KNOX file system leverages AES-256 to ensure that the files stored on it are protected, and there's the ability to use the per-app VPN client.
Samsung's offering is a progressive step forward when comparing mobile security these days with what existed a decade ago. However, when it comes to mobile security overall, its level of maturity is still lacking when compared to desktops and servers. So what are administrators looking for?
CSO asked that question of Swarna Podila, the Senior Manager for the Enterprise Mobility Group at Symantec.
"From a high level, there are really two approaches to keeping business data on mobile devices secure. The first is protecting data at the device level and the second is protecting it at the app level. Protecting it at the device level -- via tools such as MDM -- is great for IT, but also results in a heavy footprint on devices, which can fly in the face of the hoped for user benefits of mobility, such as increased productivity and greater work flexibility," she said during an interview.
A key alternative to this, Podila added, is protecting data from an app level. Traditionally, this has been done with sandboxing (which is part of Samsung's KNOX, and a key provision for other solutions), and that worked out fine when mobile apps for business were limited to email.
"However, as organizations rely more and more on mobility, this approach falls short. Any corporate app that needs protection has to be built in or modified to fit into the sandbox. With the diversity of apps available, this approach is very limiting and even the earl proponents of this technology are moving on to other strategies," Podila said.
Those other strategies include mobile application management, which as Symantec's expert explained, addresses the limitations of sandboxes while still meeting corporate security needs. MAM technology allows companies to wrap their corporate apps and the data tied to them in their own security and management layers.
Sign up for Computerworld eNewsletters.