Protecting Corporate Data While Increasing Mobility: WOW Insider Interview January 2013


Uploaded by CTIATheWirelessAssoc on 07.01.2013

Transcript:
John Walls: You know when you think about internet security, you have to think about Symantec.
That's what that company is all about
providing security in this digital world of ours
Steve Trilling is the CTO of symantec one of the keynote speakers
here at MobileCON. Steve thanks for joining us in the Buzz Zone. Steve Trilling: Thanks for having me in the Buzz Zone.
Walls: Let's talk about, first off mobile focus at Symantec
I know you have a
lot of key areas, in that regard can you hit on a few of those?
Trilling: Yeah, absolutely, so from a big picture perspective
what our customers are asking for help with is how do they
allow and enable their employees to bring in devices from home whether it's phones or
tablets
and safely access corporate resources
and the fact is
that these enterprises know they need to do this, because employees will find a
way
to get on to those corporate networks with their devices
so, best thing to do is to try to find a safe way to enable that and really our
world of mobile security now it's all about
how you provide
both the control and security that the enterprise wants as well as the freedom
in access that the user wants
so that you get
the most effective
and most efficient employees while at the same time allowing users to live their
lives and do the things we all do on the devices, when they're outside of work
Walls: So you as the solutions provider
how do you look at that problem then or that challenge
because you've got
really almost two bosses in a way, there you have the user and the corporation.
Trilling: That's right, so you have two bosses and the thing is
that if either boss is unhappy they're simply not going to use the device
they're not going to use the solution. The truth is that if the home user
brings their device to work and the enterprise requires them to put a lot of
software on the device that they don't want
they're just gonna take it off.
They'll either find some other way to get on the network or they won't use their
device at work and they'll be less productive.
Similarly if the
user
is forbidden from going to certain sites or downloading certain
applications
by the corporation
it's also not gonna work, so really in some sense, it's not just about having
two bosses and trying to meet in the middle, you really got to meet
all of the needs of both
or the entire system breaks down.
Walls: When you look at what mobility is doing
for the enterprise today
obviously the productivity your getting
the efficiency you're gaining, all these things
great impacts on the bottom line
I would still think that there's that CIO out there who cringes a
little bit thinking about
our data is out there in the air somewhere it's not on a hard-line
Trilling: That's exactly right.
CIOs and security IT people inside corporations have been used
to locking down
all their information so that it can only be looked at
from a secure device when
you're inside the corporate network. Now you're talking about a phone that somebody's
going to use
to do their online shopping in which also has sensitive corporate data on it
you've got a phone where they may be accessing corporate numbers while
they're traveling overseas outside the control of the enterprise
so it really is a new world
and in some sense the old tools don't completely go away, it's just you
need to evolve them
so that there's a little bit more of a way
to meet both the needs of the user and the enterprise.
Walls: How do you do that in an environment as
fluid and dynamic as mobile is
not just in terms of the very physics of it
the fact that these invasions, of these threats, or risks constantly evolve as well
Trilling: Yeah, that's right, so
we've got stay on top of the threat landscape to make sure we understand
what the challenges are, but really part the challenge here in this
new world
is that you want
IT administrators to be able to apply policy
to specific applications on the device that our corporate owned and not apply
that policy to applications that are owned by the user, so if a corporation
wants you to type in a password to access
your corporate financial numbers they want to be able to apply that password
policy just to that one application on the device that the user might use to access
that sensitive data
they don't want you
to have to type in a password to take a picture of your kid
so it's really about A. staying on top of the attacks but
B. making sure that appropriate security policies can be applied in a granular
away
so that they're only applied to the corporate assets that really need them
Wall: So, it's your job to
make the CIO nod his head yes instead of shake his head no
Trilling: That's right at the
same time you want employs to embraces this, right, because in the end
while it's a challenge for CIOs, ultimately employees are much more productive.
If I'm an employees and I can check an email
or i can check that document while I'm sitting in the doctor's waiting room, that I didn't
used to be able to do. That's good for the company
so while in many cases, the goals of the two parties seem in opposition
they ultimately, if they can both be served it really is better for everyone
definitely better for the company.
Walls: Well it's a challenge to certainly get everybody on the same page while I know Symantec is up to it
and
Trilling: Lot to do, and lots of exciting times
Walls: We appreciate your time here in the Buzz Zone Trilling: Thanks again for having me.