by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : May 2015
20 GCN MAY 2015 • GCN.COM government-owned device, but the government side maintains a “Black- Berry experience.” BRINGING IT ALL TOGETHER Ensuring mobile security in a govern- ment enterprise requires an approach that brings together MDM, contain- erization or virtualization, mobile application management (MAM) to counter risky mobile apps, identity management and even a tool for secur- ing agency data from insider threats. Wooton recommended that agen- cies “push the MDM vendor in this area and make sure the contractual relationship takes advantage of the MDM’s capabilities to do just this. Most of the major ones are look- ing at this issue and offer capabili- ties that can provide awareness and supplement or create coverage in the insider-threat arena.” To mitigate insider threats, he said agencies should monitor the usage data from their MDM servers and note the increased segregation of native applications outside the MDM and the greater availability of mission applica- tions within the MDM’s control. He also said contracts with MDM vendors should include requirements that they upgrade their capabilities to counter insider threats. “The risk associated with maximum usability of mobile devices, even within the BYOD environment, almost always outweighs the danger of em- ployees trying to circumvent device or agency policies,” Wooton said. “By pro- viding an acceptable-risk approach, an agency has a much greater opportunity to increase productivity (a given with a workforce using mobile devices) while still being able to monitor threats, both from the inside and external.” Brubaker agreed. “The key to miti- gating and monitoring insider threats is setting up and enforcing policies,” he said. For example, the IT staff can institute an action that automatically removes agency data from a rooted or jailbroken mobile device. Roberts added that “in terms of securing data on the device, I think that containerization is absolutely the right way to go. There are a couple of models that are emerging right now for how to do this, and containeriza- tion and virtualization seem to be the two dominant ones being discussed in the federal space. I don’t see people discussing that MDM, pure mobile device management alone can work to give you a balance between usability and security.” Adams, meanwhile, advocated that agencies move from device-centric to user-centric security and establish a platform for identity management. “The devices may change, but the users are going to stay the same most of the time,” she said. “Maintaining control over employee access to data regardless of the device becomes probably the most important thing you need to do, especially if you are going to enact a BYOD policy.” • — Will Kelly is a freelance technology writer based in Springfield, Va. INSIDER THREAT “What’s most important is to partner with an [enterprise mobility management] solution that can accommodate the broad range of available devices.” PAUL BRUBAKER, AIRWATCH “What we’ve seen the government actually doing...is enabling dual personas but doing it with enterprise-owned phones.” JUSTIN MARSTON, HYPORI 0515gcn_018-020.indd 20 4/30/15 10:36 AM