EdgeWave’s CEO Dave Maquera recently spoke with security writer Sramana Mitra for her Thought Leaders in Mobile and Social (TLMS) interview series – part 5 is below, click here to view part 1, part 2, part 3, or part 4. The interview continues…
Sramana Mitra: What are the core trends in mobile security from your perspective?
Dave Maquera: We asses that there are three key things that are related. The first piece is that we see that BOYD is what mobility is all about. We see fewer companies getting into the business of issuing devices, for a lot of reasons. The main reasons are cost and employees, students, or members of organizations not wanting another device. They prefer [to use] their own. That presents unique challenges. It makes it important for our industry – the security industry – to change how it looks at security from less of a viewpoint of “How do we build the impenetrable fortress?” but instead move to “How do we create a more flexible architecture that is high performance from a security standpoint, but yet highly adoptable and adaptable to mobile devices?”
This approach considers the person as both an employee or a student and also a regular, social human being. We see that as a trend that is taking shape, where other security companies are still back in the old days. Some of the solutions that are coming out are sandbox, creating virtual instances of multiple personas on a device, VPN-ing devices into sandboxes that are in the cloud. We see all kinds of very intense and traditional approaches – taking the same paradigm as it exists today in the perimeter, and trying to recreate that. We think that is not the appropriate approach.
One of the things that exemplifies our disagreement is our approach to social media. Our social media application for security is extremely flexible. It is cloud based, yet it can work with any appliance architecture you have. If you have a Cisco web filter, for example, and you don’t want our web filter, it doesn’t matter. It is highly adaptable to whatever web gateway or web filter you are using. The other thing is how you define what it can do. We look at it as not this iron gate of “Here are the only things you are allowed to say or do on social media.” If you are an employee, and you are sitting in your company lounge with your mobile device, and you are hooked up through the company network, it is not that at all. It is flexible enough to say, “Here are things we want to monitor and we want to provide employees the reporting of what they are doing. So we don’t necessarily apply the Big Brother approach.”
Very forward-thinking companies are starting to see that it is better to provide the information in terms of what their policy is and then provide transparency to the employees or members of the organization, so they can self-manage. In those cases we are an absolutely superior solution because nothing out there – from a social media perspective integrated with mobile – stands close to what we have. It is a very different approach that we do not see [others taking] from a competitive standpoint. What we see are companies taking the same approach to web filtering or firewalling and putting that on mobile devices when you are linked through the company network. If you are trying to post something you are not supposed to post, you get a big black screen that says, “You have been disconnected or blocked.” That is the extent of it. We just don’t think that this is very meaningful.
SM: So what do you do?
DM: If you wanted to do that, we can certainly do it. But the other thing we can do is the following. If you try to post something like a Social Security number, we could reply with, “Hey, that looks like a Social Security number. Are you sure you want to post that? Yes or no? That is a very simple example. We can do more sophisticated things. We can have language recognition that says, “That looks like sensitive data. That looks like it has data of the 2015 product plan, and you probably don’t want to post that.” In this instance it is the difference between a Social Security number and potentially sensitive language.
Look for the conclusion to the interview tomorrow!