No long ago, I published a commentary focused on Cortado and app wrapping (see Cortado Corporate Server 7 versus app wrapping). As is often the case, a comment on a conversation with representatives of one company leads to conversations with others. This time, representatives of NCP Engineering reached out and asked if I'd like to speak with Joerg Hirschmann, CTO, NCP engineering.
Hirshmann is a strong proponent of an active defense system for corporate systems, data and applications. He believes that while end-point security tools, such as those offered by Cortado can be very useful, they must be incorporated into a larger set of security management policies. Wrapping applications is only a start, he would point out.
IOS and Android have started down a useful path by adding access controls, Hirshmann would say, but these are far from a comprehensive in-depth security framework.
The server operating systems, applications, databases, and networks must all be considered as well. This, he would point out, leads to the requirement for careful planning, monitoring, sophisticated firewalls and even to the use of virtual private networks. He would also suggest that staff using their own devices should be mindful of the networks they are using. Coffee shop and hotel networks might be convenient, but they may not be really safe.
The questions he suggests IT planners address should include the following: "are the passwords people use really secure and safe?", "are the networks protected so application conversations can not be overheard and the proprietary data extracted?", "are applications being developed with security in mind rather than security being an afterthought?"
NCP Engineering believes that it's firewall and its VPN clients and services should be a part of organization's planning for BYOD programs.
What is your company doing in this area?