Government has been adopting mobility and implementing BYOD programs for years, but the issue of cybersecurity remains front of mind. Mobility is here to stay and is transforming the fundamental way government does business. In fact, the 2012 Obama administration’s Digital Government Strategy set two overarching mobility-related goals:
- “Enable the American people and an increasingly mobile workforce to access government information and services anywhere, anytime, on any device.”
- “Ensure government procures and manages devices, applications and data in smart, secure and affordable ways — and use them to spur innovation.”
No longer is it acceptable to use security concerns as a way to avoid the hard work of going mobile.
Early efforts to fortify mobile device security focused mainly on securing the devices themselves. This made sense based on a 2016 study in which the Department of Homeland Security stated, noted “Mobile devices face security threats similar to those affecting desktop PCs and notebooks, but because of the unique nature of mobile technology, mobile devices may face additional or greater threats.” In light of this reality – that a mobile device, by its mobile nature, is inherently insecure – the focus must shift from securing devices to protecting data.
Creating a Workspace
Government employees, like a growing number of American citizens, expect that anything they do on their computers, they should also be able to do on their mobile devices. Moreover, they want the ability to connect and accomplish tasks to be a seamless experience, no matter what device they are using. To do this, mobile environments need to mimic the traditional IT feel and environment. Creating an accessible workspace using any device promises benefits end users and IT departments alike.
For IT, managing mobile and desktop data simultaneously gives them a better picture of the context in which users access their corporate apps and use that information. Andrew Garver, Research Director at Gartner, describes the threefold benefits of this workspace approach:
- Better data delivery – Users and IT administrators alike can access and serve data on any device at any time like they would on a traditional networked desktop.
- Secure the data, not the boundary – Instead of focusing on managing devices, the focus is on securing data each time it is accessed. This involves a change in mindset from the traditional one-to-one computing model to the reality of today’s interconnected IT systems.
- Increase monitoring and auditing – To secure data, agencies need a strong understanding of the nature of that data, who should have access to it, and how it should be used. Reaching this level of understanding not only helps with compliance but also reduces the time needed to identify and react to data leaks or breaches.
Building this type environment means coordinating with eDiscovery solutions to make sure Digital Rights Management (DRM)-protected files are injected into the eDiscovery systems for indexing in accordance with requirements. Integrating with other discovery tools can provide a powerful combination of DRM file protection, mobile security, discovery, remediation and alerts for IT teams. For end users, DRM controls can be opened so that they can be in control of their content even after it has been shared and external collaborators have downloaded it.
In practice, the workspacing approach allows users not only to access documents via mobile devices but also to sync the various versions of those documents as changes are made. Establishing permissions around who can view, edit, print and share each file allows document owners and IT administrators to track who’s doing what. This means for each document or link, IT administrators and individual users can:
- Set permissions to access, download, view, edit, copy, print and forward.
- Enable screen-capture protection.
- Enable dynamic and customizable watermarking.
- Track, revoke, wipe or expire file access at any time – even after the document has been downloaded or shared.
The Future of Mobility
As mobility trends continue advancing at a rapid pace, one thing is clear: agencies need to prepare their data – not only their devices – for the age of mobility. And by focusing on who needs the data and what they are allowed to do with it, many of the security hurdles that previously hampered mobile use in government are cleared.