Offline Access to Data – The Holy Grail of Mobility

Mobility is fantastic, until you have no signal. I had to smile listening to Visage Mobile’s Mobile Justice League webinar when Benjamin Robbins of Palador commented that he experiences “datanoia”. Datanoia is the nagging concern, will I have the right data with me when I am offline? Benjamin (tweets as @PaladorBenjamin) is famous for working, much of the time on the road, entirely “mobile only” for one and a half years now. Tablet and smartphone only. It is definitely a challenge to have the right presentations, spreadsheets, and proposals, etc., at hand when the corporate network and the cloud are out of reach.

We identified this need for offline data a couple of years back. Offline access is a cornerstone of our offering. I can specifically save files for offline access in our encrypted Container. Moreover, if I have accessed a file while I am online, it will be cached to the secure container automatically. If I lose connectivity while I am working, I will be able to continue to work with a file which I have accessed. I can read, edit, and annotate files while offline, then sync them back when I am reconnected.

To be very clear, access control and security are of paramount importance to us at Mobile Helix. I only have offline access if IT has granted it to me via role, application and geo-location policy. Our Link solution includes policy control pertaining to:

• Which data can be cached offline
• How much data can be cached offline
• How long data can remain in the container before it expires
• What type of password or pincode is to be used for authentication
• Container idle – after a configurable idle period should the container be locked out?
• Whether the user may edit Word and Excel files
• Offline access to Link Email

Finally, all data is encrypted from end-to-end. The container is encrypted with AES-256. Data in-transit is encrypted with HTTPS/SSL.

Don’t lie awake with datanoia. Take your data with you, encrypted.

– Maureen

Additional Resource: Offline Data Architecture White Paper

How Secure is your Container? Are all Secure Containers are Created Equal?

The secure container approach to enterprise mobility is becoming increasingly common. With each passing month, the number of companies claiming to offer some form of secure container is expanding. The approach remains new however, and there are critical attributes of a truly secure container that must be present for this powerful approach is to deliver all of its benefits. How secure is your container? Are all secure containers created equal?

To recap briefly, the goal of a secure container is unimpeded enterprise productivity on personally owned mobile devices, all without security compromises. The container creates a separate secure environment that protects sensitive corporate data and applications under all circumstances. IT keeps full control of corporate data – who can access it, where it can go, what can be done with it. IT has an accurate trace and an audit available so that corporate data can be tracked and IT knows where corporate information has gone. Yet the device remains personal. The user is free to use the rest of their device as they wish when they aren’t working.

Container security starts with robust encryption. This creates an impermeable barrier that separates sensitive corporate data and applications from everything else. To achieve this, the encryption must be strong and must be fully device independent. It must not rely on device security capabilities like the native encryption, key generation and credentials (eg. pincode) or any other device attribute in any way. Otherwise, should a device be jailbroken, rooted or otherwise compromised, the native encryption is immediately worthless. In addition, it is critical that security and security processes remain in the control of IT and not be outsourced to third parties – like mobile operating system developers. This is important, and it is not true in most cases.

The container must be provisioned and managed seamlessly by IT and it must also be available for all of the device operating systems in use by employees. It must be simple, quick and easy to download, install and provision making it completely self-service to users. The reality for any busy person is that they desire to access the information they need to be productive on whatever device they have nearby that is most convenient for them. This is only possible with the most secure of containers installed or readily available.

Despite the flexibility for the user, IT must have full control of the corporate data and corporate apps on the device. This includes who can access what and on what devices, and ensuring that corporate data can be selectively deleted immediately should a device be lost or stolen or when an employee decides to leave the company. Otherwise, sensitive data can walk out the door without restrictions or an audit trail.

The container must be the single point of access for all productivity tools and actions on the mobile devices. This ensures a full audit trail is available of all interactions between the container and the corporate data.

If done right, the secure container approach delivers unimpeded mobile productivity. It ensures that sensitive corporate data is easily accessible to those who are authorized to access it, though the data remains fully protected and under IT’s control on any device irrespective of the device, its condition, and what else is installed.

Clearly, containers are not created equal. Features and architectures vary. Link’s foundation is unsurpassed security. The encryption code for our secure container is written in native code. It does not use the native OS security API. Our container remains secure even on a rooted or jail-broken device. There is more to our secure container offering, including full endpoint administration, role-based access and analytics.

We encourage you to take a critical look at Link. Please let us know if you would like to learn more about the reality of unimpeded productivity with unparalleled security. We would be happy to help.

– Matt