Brian Bloom is a staff writer at ComputerWorld Canada. You can find him on Google+. He covers enterprise hardware and software, information architecture and security topics.
PKWare Inc.’s recent release of a free SecureZIP reader for iOS is part of a new approach to the
BYOD problem: give security-conscious employees more responsibility for preventing
data breaches.
SecureZIP, which is sold to enterprises and deployed by the IT departments, is used to encrypt corporate information at the workplace. With SecureZIP for iOS, employees can now decrypt files sent to cloud storage on an iPhone or iPad. The company plans to create an application for Android in the coming months as well.
Many organizations are struggling to find the right strategy to control the flow of unsecured data leaving their premises. The problem of employees storing files in the cloud and accessing company data on mobile devices doesn’t have an easy solution.
“Some companies are taking the approach that through policy management and control they will actually enable one of their employees’ mobile devices on their network if they agree to use the enterprise-provided security practices,” says V. Miller Newton, CEO of
PKWare.
“And some companies are saying if you do that, we’ll either pay for it completely or co-opt that device for you in terms of cost. And others are saying ‘look, if you’re going to access anything off our network from a mobile device then you have to use the security product.’”
PKWare is tackling the problem from the employee’s perspective. Nowadays, he says, people are more aware of the security risks of sending and accessing unsecured data in the cloud. The SecureZIP app for mobile devices will to some extent put the onus on them to keep the data safe.
“We believe that the shift is imminent that the end-user of the device will provision data security technology on the device before they send stuff to the cloud,” he says.
Conspicuously absent is any mention of a SecureZIP application for
BlackBerry or
Playbook. But that’s not because PKWare forgot about Research in Motion Ltd.
“We had that prioritized before iOS,” says Newton, “and when we started looking at the declining market share of
RIM and the growing market share of both Apple and Android we de-prioritized BlackBerry.”
Mark Tauschek, lead analyst for
Info-Tech Research Group Inc., says SecureZIP can “potentially address a gap that exists” in enterprise security by encrypting files at the source before sending them to unsecured cloud environments.
“It’s cool to see them doing this on a mobile platform,” he adds.
However, Tauschek says he isn’t sure that companies can rely on their employees to take the proper security precautions without some sort of control regime. “It’s difficult to apply policy without being able to enforce it with technology,” he says.
“Typically, the issue with Dropbox and Box in a BYOD or consumerization situation is that employees are the ones who are putting files into Dropbox and Box — not just taking files from [them].”
It would be nearly impossible to compel employees to encrypt company data with SecureZIP before sending them to their personal cloud storage, Tauschek says. “It’s unenforceable. How do you enforce that? It’s their personal account. You have no visibility into that.”
The missing piece, he adds, is a management and administration platform for SecureZIP. PKWare does offer a product called SecureZIP DLP that integrates with software like Symantec Data Loss Prevention for servers, which he says provides “some level of control,” but ultimately, Tauschek says PKWare might have to come up with its own product.
“I think that would take it to the next level,” he says.