The security firm Symantec focuses on protecting its source code, financial data, and intellectual property, ensuring that such information cannot leave the company without significant protections, says David Thompson, Symantec’s chief information officer.
Cloud security solutions, from companies such as Websense and Zenprise, are another option. Websense’s cloud service brings e-mail and Web security to any device that connects to the Internet. Rather than forcing users to connect back to the home office for security protections, a Websense proxy filters out malicious code and spam. Zenprise, meanwhile, helps companies manage their devices through the Internet. For instance, it can remotely erase the memory on lost or stolen devices.
Given the exploding need, the Radicati Group, an analyst firm, predicts that the market for cloud security services will double, to more than $2 billion in worldwide sales, in the next four years.
A different way of dealing with device proliferation is to place a small secure program—known as a virtual machine—on an employee’s device to interact with corporate data. The model, which is used by an increasing number of banks to enforce security on customers’ computers, lets companies claim a piece of the user’s device as a fenced-in compound.
When banks use such technology, consumers are allowed to opt-in to the service and install the plug-in. Then, when a consumer connects to his bank’s server, the virtual machine does all the communicating, separate from the device’s original operating system. The technology isn’t foolproof, but it stymies attacks that could get by antivirus and antifraud monitoring.
“I actually think that enterprises can learn from banks and financial institutions on how to secure their employees these days,” says CEO Mickey Boodaei of Trusteer, which offers banking customers such a solution, and is beginning to offer the technology to companies that want to secure devices owned by employees, but used for work.