One of the questions that comes up quite often with customers when talking about the Citrix solution for enterprise mobility, Receiver and CloudGateway, is how our solution supports “device wipe” and “device kill” functionality. This interest in wiping technologies even has the attention of Bloomberg News in a recent article entitled Why Corporations Covet ‘Kill Switches’. Specifically, many businesses worry that with the trend of BYOD in their organizations, how can they ensure that company information is always secure and does not leave the organization with a device loss or with an employee who leaves.
It’s a great question and we know many organizations are trying to determine the best way to handle this. I think it is first important to understand the scope of the problem…and yes, it’s big! According to Forrester Research, by 2016, 350 million employees will use smartphones — 200 million will bring their own. And, that is just smartphones, and doesn’t take into account PCs and tablets that employees are bringing inside the four walls of their organization. That is a huge number of personal devices and organizations must very quickly determine their strategy for enabling these devices.
In thinking about the problem, Citrix really tried to determine the goals these organizations have when they implement BYOD. What we determined in talking with customers and analysts is that these organizations are looking to support BYOD, but realize that managing all of these devices would be a nightmare. As with PCs, IT wants to get out of the business of managing user devices because it is very expensive. Instead, they want to enable users to be productive on the device of their choosing, while ensuring control and security over all the enterprise content (apps and data) that these users touch. This is our vision. Business users should have the flexibility to access all of their corporate Windows, web, SaaS and mobile apps as well as their data from any device while at the same time IT should have full control of that content – and nothing more.
Citrix Receiver provides users secure, self-service access through an enterprise app store (Citrix CloudGateway) to all of their desktops, apps and data. This content follows the user as they move between devices, in what I am calling the “Follow –me Enterprise.” In the event an employee leaves the organization or a device is lost or stolen, IT has full control of all that enterprise content as it has all been delivered through Citrix Receiver. IT can now remote wipe all of the users’ applications and business data to ensure data does not get into the wrong hands, while leaving the users’ personal data and apps intact. This is incredibly important for reasons beyond upsetting users about wiping their devices. In many countries it is illegal and breaks privacy laws to take these wiping measures on a personal device. Citrix brings the best of both worlds – full control over the business content, no access to the personal information.
I think that Brian Katz, who as head of mobile engineering at Sanofi and has helped select technologies that the French drugmaker uses to secure employees’ devices states it best in his comments to Bloomberg News about protecting mobile devices: “Proceed carefully. Look for flexibility, look for ways to enable and empower your users, [and] get the work done while still protecting your assets. It’s not always about controlling the device.”
So, to summarize my long winded answer, yes, it is absolutely possible to deliver secure enterprise mobility to all of users without the necessity to fully kill/wipe the device, even those not on corporate-owned devices – ensure you have complete control over the business content (and nothing more), the ability to provision and de-provision that content, and then wipe your hands of the concern ☺.