Back in October, MobileIron announced a three phase plan for “securing the personal cloud.” At the time I focused on a particular caveat (which I’ll explain shortly). However, with Phase 2 coming out today, it’s a good time to take another look at the initiative with an eye towards the other benefits it can bring.
First off, what does MobileIron mean by “securing the personal cloud”? Here’s how they described the initiative in October:
- “Phase 1: Personal Cloud Access: Provide native access to popular cloud-based content repositories through a secure mobile interface. Users can now search and find their content across the cloud.”
- “Phase 2: File-Level Security: Establish file-level protections to ensure that enterprise information stored in the personal cloud is encrypted and cannot be accessed by unauthorized apps and users. When this phase is completed, IT will be able to create security policies that follow data wherever it lives.”
- “Phase 3: Best-of-Breed Ecosystem: Enable MobileIron’s application partners to access protected cloud data when authorized. When this phase is completed, users will be able to choose the best productivity solutions for them.”
Phase 1 came out last October; Phase 2 is what’s coming out today; Phase 3 will roll out at a later date. MobileIron is also now calling this new framework the “Content Security Service.”
The idea that “IT can create security policies that follow data wherever it lives” is a welcome concept. For the last couple of years in the EMM space, a lot of people have taken a look at the MDM and MAM offerings available and commented that they would like to have products that weren’t so dependent on particular apps and devices for security. In theory, this is more consumerization-friendly and should enable users to choose more of the tools they work with.
With the Content Security Service data can indeed go anywhere—Dropbox, Box, or whatever—and it will be protected. But in order to access and manipulate the data, you need to have apps that are specially built to work with the service. This is the exact same dependency as with any other MAM ecosystem, and it’s the “catch” that I wrote about back in October.
However, putting that caveat aside, protecting data no matter where it goes is obviously still a good step thing to have. Instead of using a storage repository provided by MobileIron, an app maker, or by IT, there’s a lot more flexibility. Users can share data how ever they want, and any data repository can act as a hub between apps. The apps don't necessarily have to be aware of each other, they just have to be aware of the Content Security Service.
For right now, the only app that can access the Content Security Service is MobileIron Docs@Work, but that’s okay since this is just an intermediate step. In Phase 3 other partner apps will be enabled; a desktop agent is also planned. Eventually, the Content Security Service framework will be part of MobileIron’s standard MAM framework.