The most pressing challenge in the enterprise is the securing of endpoints within the enterprise. The user and the device have been treated as the same entity which is the reason most IT strategies fail especially with BYOD! As discussed within the Symantec report: Half of enterprise data is stored outside the datacentre the importance of securing these end nodes is especially important with the growth in the area of small medium size businesses (SMB). In the United States, for many SMB’s the securing of data is mandatory in industry verticals such as health care for compliance with HIPAA.
The traditional approach is to encrypt the whole drive where the data resides. This goes back to the point that the device not the user and the associated content is being managed within the enterprise. This becomes an issue as highlighted by the theft of the laptop that occurred last week with NASA . The article Stolen NASA Laptop Had Unencrypted Employee Data existing tools IT has are designed on the premise the device is being managed and it is a corporate asset. In the case of NASA the discussion is raised about the theft of the data but not the recovery of this intellectual property and not the cost of how long it takes for this user to return to productivity!
The knee jerk approach for most organizations is to try to try to move BACK to a centralized model within the datacenter leveraging VDI technologies. Being online in the cloud is great but not always practical. I don’t know anyone that has the 5 9‘s of service with a consumer package from their data provider for networking! Offline capability is a use case that is going ignored within the enterprise!
Securing the user and the contents allows for a level of granularity that bypasses the issues with the hardware. This is one of the reasons this approach was taken with OPUS from Orchard Parc. OPUS has the ability to secure the user and content on any Intel Mac OSX device. That is the reason OPUS not only secures the corporate desktop the applications, documents and user settings but also the full recovery of the users persona by creating a roaming desktop independent of the device. In the end it is managing the user experience and not letting the device manage you.