Apple’s prescence has expanded from being the brand behind a few Macs in the creative department; it is now a key mobile and productivity provider across every top enterprise. But even Apple’s platforms face security challenges as people work remotely. I caught up with Truce Software CEO Joe Boyle to discuss Apple in the workplace and his company’s approach to managing the mobile enterprise.
Apple goes to work
“It feels like Apple and the enterprise are practically synonymous today,” Boyle said.
Even those companies that don’t issue Macs and iPhones themselves are likely to support their use by employees. “With a growing ecosystem of enterprise partners available, it has become possible to completely outsource and automate the entire lifecycle of Apple devices,” he said.
“The consumerization of IT has caused a seismic shift in favor of Apple’s growing presence in the enterprise. From an enterprise mobility standpoint, we’ve seen growth and expansion of Apple devices across various industries and use cases. Companies want to leverage the power of the iOS platform to enable a more connected and better-equipped workforce.“
There are other trends, too:
- Employees increasingly use their own devices and computers for work.
- They are more engaged than ever in the tech they use.
- Businesses are adopting a mobile-first approach.
This trend has also driven a change in business processes, said Boyle. “Businesses have transformed workflow processes to be mobile friendly (if not mobile first) to make workers, and operations overall, more efficient,” he said.
“As mobile devices are replacing legacy workflows, businesses are realizing the benefits of allowing those advanced capabilities far exceed the downfalls,” he said. “Additionally, Apple’s stance on privacy allows companies and their employees to feel protected as they deploy and use the same mobile devices both at work and personally.”
But in an asynchronous, distributed environment, security remains a challenge.
Mobile security beyond the perimeter
Classic security models rely on perimeter security, a concept loosely based on the idea that you put a fence around what matters to you and defend it. This concept hasn’t translated well to a mobile world, prompting the evolution of new security models, even on Apple’s more-secure-than-most platforms.
“The nature of mobility has forever changed how enterprises need to think about managing their environment, yet most approaches and technology are still built from a PC paradigm,” Boyle said.
Traditional perimeter security is outdated in that it’s fixed and does not account for the many ways today’s workforce is dynamic. Workers are distributed and using different devices at different times and in different ways.
“Enterprise mobility security needs to account for who is using the device, how, when, and where. We refer to that at Truce as the human element of mobility management. As a worker’s environment changes throughout a shift, so too must their permissions,” Boyle said.
This context-driven approach to security means the enterprise should know which workers are using which devices and where, and knows how those devices are ordinarily used. “As the use of a device evolves throughout a worker’s shift, based on where the employee is and what they’re doing, for example, the security parameters adapt accordingly,” he said.
It’s also important that these security models are locationally aware. “It isn’t only important to know where a device is, but also other details such as time of day and proximity to high-risk equipment, and to have the ability to modify security policy as the environment changes,” he said.
The challenge of privacy
The problem for many employees is that as contextual awareness grows, they become suspicious about giving employers more access to their personal data than required. This is a particular challenge when both personal and professional (digital) lives co-exist on our mobile devices.
“We still commonly see that tug of war between IT needing to closely manage security of the network and safeguard data, and operations pushing for wider permissions of mobile to enable more functionality for workers,” Boyle says. “We also see user privacy as an important consideration in the context of mobile devices at work.
“Contextual mobility management enables devices to be managed based on how the individual user’s environment changes throughout a shift, with the understanding that users aren’t static. “It is only when businesses adapt their mobile device policies to acknowledge the fact that workers are not static that advanced workforce mobility comes to life.
“This is the new model for the modern workforce,” he said.