Context Awareness and Information Security: This Message Will Self Destruct
Data security is one of the biggest concerns of CIOs. Sensitive information is under constant threat of attack from hackers, governments, competitors, and even an organization’s own employees. Every layer of security that can be added without taking away from functionality is crucial in the constant fight to keep data secure while maintaining a mobile workforce. In virtual environments, workspace management helps fortify critical data while offering users advanced functionality, creating a win-win for both IT and the end-user.
Workspace management utilizes location awareness and context awareness to provide users with a seamless and efficient experience while improving security. A good example of this is WiFi: when a user is searching for access, the system will connect that user to the nearest and strongest wireless access point.
Fortify Critical Data Using Spy-Level Failsafe Features
Context awareness goes a little bit further. If, for example, an employee from the fifth floor goes to a meeting on the tenth floor, they will automatically be connected to the tenth floor Wi-Fi and its associated devices. Should that employee need to print something during the meeting, it will go to the nearest printer, rather than her preferred printer on the fifth floor, eliminating the need to have to sign in to a new printer. When she returns to her desk, she will automatically go back to her preferred settings upon refresh.
Context awareness also has some advanced features that might seem like something out of a spy movie. There are times when employees will need to access applications that store sensitive or secure data. Let’s say a marketing employee is back in the finance department for a planning meeting, and she accesses an application that automatically stores sensitive data to her system. To prevent a potential breach, that document can be wiped from her device once she leaves the finance area’s access point.
Access Denied: The System Knows Who You Are, Where You Are, and How Your Role is Defined
Context awareness knows who each user is, what device they’re connecting with, and at which wireless access point they are connected. This allows the system to deliver the right services to each user at the right time while restricting access to certain applications, data, and files based on that same contextual information. For example, protocols can be put into place to prevent finance department employees from accessing financial data anywhere outside their access point. Context-based access can also prevent users from changing roles based on location. A marketing employee would not, for example, be able to access finance apps just because she happens to be attending a meeting in that department.
A Host of Critical Built-in Security Features
Workspace management, with its advances in location and context awareness, also allows administrators to set up more traditional “core” security features including, but by no means limited to:
- Process security – To restrict access to unauthorized processes
- Read-only blanketing – Prevents changes to process binaries and other items on the local drive
- File and folder security – Default blacklisting
- Network security – Layer 3 security that allows applications to only hit certain ports and targets
- URL security – Whitelisting and blacklisting
- Removable disk security – Prevents users from downloading sensitive information to disks and drives and removing it from the premises
- Session security – Puts protocols in place when a user is logged on in two different locations
- App controls – Controls who can install what apps and where they can install them
While workspace management comes with a litany of security options, it’s not an all-or-nothing proposition. Standard and advanced security features can be tailored to your environment. You customize the system to help maintain user mobility and proactive controls over security, targeting the specific operational needs and budget of your organization.