Demystifying Sandboxing

Bring your own device is gaining ground in many industries, with Globalscape reporting that 68 percent of surveyed businesses have some form of BYOD policy in place for their employees. It’s hard for security policies and technology to keep up with an influx of personal devices in sensitive data environments, but one method that shows promising results is called “sandboxing.”

What’s a sandbox?

Sandbox image by krossbow via Flickr.

The sandbox application launches a virtual system environment on the device, whether the employee uses a smartphone, tablet or laptop to access the business data. This virtual environment has limited privileges and cannot interact with files located on the non-virtual space on the device. Enterprise mobility management, or EMM, is a significant way to allow the flexibility of BYOD while keeping yourself safe. If you’ve been ripping your hair out trying to stay on top of security threats to your precious enterprise network, take a look at how sandboxing can stop the headaches.

Standardized Environment

Certain sandboxing applications, such as BlackBerry’s Enterprise Service 10, provide cross-platform sandbox containers that give you the option of creating a standardized environment for your employees. Since this application is cross-platform compatible, you can have Android, iOS and BlackBerry users working in the same environment, with the same permissions. This eliminates a major hassle that comes with BYOD. BES 10 provides word processing, integrated email and secure access to allowed applications.

Limited Access

The major benefit of sandboxing is that it cuts off access to many system files and functions viruses use to exploit mobile phones. If a mobile phone is unable to execute a virus code, it isn’t going to spread the virus onto the network. This eliminates a lot of the easier loopholes virus creators exploit, although the sandbox container is still an application itself. If there’s a vulnerability in the container, it can cause security vulnerabilities even when sandboxed. You should run other security features, such as anti-virus software and other security measures, alongside the sandboxing application so you don’t have a single weak spot. Sandboxing technology is a recent development in the mobile sector, so it takes time to work out all of the kinks involved in the technology.

Separated Segments

The sandbox environment keeps the user’s personal and work segments entirely separated. You don’t have to worry about high security documents ending up in someone’s personal folders any more than their party pictures ending up on the network attached storage box. Since sandboxing is a completely separate environment, it’s easy for employees to know when they’re in work space compared to personal space. It’s much harder to transfer files between the sandbox container and the personal phone storage, although it’s not impossible. When you have sandboxing in place, it gives your employees the ability to increase their productivity by using their favorite devices, without sacrificing security or worrying about whether a technical novice is going to unleash a network-ending worm.

What mobile device management measures do you have in place?

Be Sociable, Share!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>