tag:blogger.com,1999:blog-4384692836709903146.post6755325325240877709..comments2024-03-27T09:55:23.143-07:00Comments on Dispatch from the Digital Health Frontier: Cool Technology of the WeekJohn Halamkahttp://www.blogger.com/profile/04550236129132159307noreply@blogger.comBlogger8125tag:blogger.com,1999:blog-4384692836709903146.post-5135996970482819222012-06-15T18:51:52.564-07:002012-06-15T18:51:52.564-07:00Funny - MaaS360 and MobileIron are the two we are ...Funny - MaaS360 and MobileIron are the two we are strongly considering for an MDM sitting on top of our Exchange and ActiveSync environment. We will also be using PKI for device and host authentication. We've studied these technologies, use cases, and attack vectors for the last ~7 months and these seem like an ideal combination of controls for devices. <br /><br />Regarding separating corp vs personal data on these devices - many approaches use containerization (e.g., Good) or virtualization (eg VM View or Citrix Reciever) to keep data separate and secure. Think about these technologies as ways to get what you need.Taylornoreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-25257701063169621082012-05-30T10:25:45.555-07:002012-05-30T10:25:45.555-07:00Our company uses an MDM product called MaaS360 fro...Our company uses an MDM product called MaaS360 from Fiberlink. We use it to manage iOS and Android smartphones and tablets (ok... no Android tablets in use yet), although for now we only manage devices supplied to our end users by the company (no BYOD devices are on the MDM product).<br /><br />Our company is in the healthcare space so we wrestle with many of the same issues you raise.Andy Orrhttp://www.hthworldwide.comnoreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-55981729319011329702012-05-21T18:37:18.466-07:002012-05-21T18:37:18.466-07:00We have found great success with MobileIron. We ne...We have found great success with MobileIron. We needed to track and manage our agency iPhones, Android phones, and iPads. It lets us track who has what on which carriers, what software is installed, deploy profiles and security settings, and wipe them. It also lets us use the Apple Volume License Program to easily deploy apps to many devices with just one purchase. It's met all of our needs very well, and then some.<br /><br />I've really enjoyed reading your blog for a couple of years now. I am an IT leader, and appreciate your insights. Please keep it up.stgovitmgrhttps://www.blogger.com/profile/15536855131110634322noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-53443878277360886492012-05-13T09:42:33.912-07:002012-05-13T09:42:33.912-07:00I am surprised that virtual desktops didn't co...I am surprised that virtual desktops didn't come up. I know of at least one health plan that uses that technology to keep the data separate and secure. VMWare and Citrix both have that kind of solution and there is a lot of potential for providers there. I also wonder if smarter app design along with more use of cloud based services like ec2 will start to become more popular.Billyhttps://www.blogger.com/profile/17310840673176943843noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-56944123798114387452012-05-11T16:40:49.576-07:002012-05-11T16:40:49.576-07:00I agree with Josh. I would put in an MDM solution ...I agree with Josh. I would put in an MDM solution to partition the corp from the personal data. We certainly have a solution for this and use it internally, but there are many others. For example, MD Anderson uses BoxTone. You should also get a handle on physician SMS texting. That is just now becoming an issue for us. However, ActiveSync is a "good enough" for most organizations versus doing nothing.<br />#iwork4dellKevin Groffhttp://www.dell.com/healthcarenoreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-70187686200196399562012-05-11T14:34:18.588-07:002012-05-11T14:34:18.588-07:00I just recently attended a panel hosted by CDW and...I just recently attended a panel hosted by CDW and cio.com in Houston about BYOD and i was surprised on how many other companies are on the fence about a BYOD policy. We are in the same situation and the panel of experts gave some great incite into how this trend is moving towards and the challenges that companies will face.<br />John the panel goes to boston on the 24th of may here is a link to register https://www.eiseverywhere.com/ehome/35103/56668/?&Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-4969049040730015992012-05-11T10:47:59.144-07:002012-05-11T10:47:59.144-07:00The ability to decipher between corporate and pers...The ability to decipher between corporate and personal data requires first that data be classified. While data classification is one of the cornerstones of information security, I have not had the pleasure of working in organizations with such programs established (too often the "operational and/or administrative” side of information security is forgone in favor of the “cool techie side” that draws great interest; or the organizational view of information security is purely technical). Organizations, as well as mobile devices, must also be able to adapt to the evolving information security landscape, manage this content, and organize it. The advent of BYOD is not only a game changer for information consumption but also a game changer for information security. We need to be able to adopt holistic information security programs and identify cutting-edge techniques to protect our sensitive information without compromising the efficiency of mobile computing. Only then will we be able to conquer this challenge.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-21297430800039719002012-05-11T07:18:38.236-07:002012-05-11T07:18:38.236-07:00You mention purging corporate versus personal data...You mention purging corporate versus personal data--is this really possible with the current design of iOS and Android?<br /><br />I think BYOD makes more and more sense, but as you have pointed out, security is essential and not optimal right now. I don't know much of anything about the specific technical methods for implementing security on these devices. But from a purely conceptual standpoint, I think it would be useful to "partition" these devices into corporate and personal spaces on the device. You could dedicated one app screen to all of the corporate-controlled apps and settings, leaving the rest of the screens for the user to fill with their own personal content. Essentially, this could create two walled gardens, separate and distinct from each other on the same devices. In case of a lost device that needs to be wiped, the administrator from the corporate side could always have the authority to wipe everything in the corporate space and ask the user if they wanted all their data in the personal space to be wiped as well.<br /><br />Interested to see how this develops and what Apple/Google/Microsoft/etc come up with to manage these challenges.Josh Herigonhttp://www.joshherigon.com/noreply@blogger.com