A Secure Container Isn’t Always About Providing Security

June 23, 2014
By Moka5

securecontainer

It’s no secret that Moka5 has been one of the loudest evangelists about the value of secure containers for mobile and remote computing. We are quite proud of how M5 LivePC, our secure PC container, uses Type 2 client-side virtualization technology to deliver and manage a fully configured corporate Windows workspace that is highly secure and completely isolated from the underlying host. Secure containers give companies the ability to access critical data, networks and business apps, securely while still enabling users to conduct non-work related activity on their host machine.

But what happens when your organization has the opposite need? There is a class of company with such strict security policies that every computer is already totally locked down. You sometimes find these organizations in certain financial services or government organizations. When I say locked down, I mean really, really locked down – no printer, no working USB drive, no internet access, nothing that can allow access to anything but what is already on the computer. In such organizations, this may be acceptable for 75% of the employees, but there are always exceptions.

Would you provide an additional device for those users who will occasionally need to conduct an internet search, but the rest of the time still need to be working in a supermax security environment? Of course not. Are you going to have a handful of unsecure PCs in your facility? Most definitely not.

Suddenly, what is usually a secure container for controlled access is now a secure container that allows controlled freedom. Because the Moka5 secure container has over 130 security policies that can be configured to best serve your organization, you can dictate that nothing from the container can be copied to the host or vice-versa. This means that users in a super-secure locked- down environment can now use the container to get email and, if allowed, internet access. It is the best of both worlds – maximum security and controlled freedom, on one PC!

Rather than introducing security risks to the primary environment and creating systems that must be managed separately from all others, providing employees with a personal container on their corporate PC introduces multiple benefits:

  • With a designated personal space, employees are more accepting of a tightly locked down work environment such as work-only apps with no ability to install software or make other changes
  • Employee satisfaction is improved when they are provided a space to perform personal tasks during down times
  • Hardware can be quickly repurposed for another employee by remotely wiping the personal container
  • Once granted an exception for installing non-standard software, employees can be up and running very quickly with a self-service portal where they simply copy down the container and go through a 3-step installation process
  • The host corporate environment is protected from any activity in the container including web browsing and email or installation of buggy or malicious software
  • The container is “reset” to the clean base OS and app stack of the container each time it is restarted, and users can “rejuvenate” their container if it becomes corrupted – wiping out the apps and returning it to that clean state, but retaining any files they’ve saved
  • And, as stated earlier, users can be prevented from copying and pasting between the corporate environment and personal container to keep corporate data where it belongs

 

We know that not every organization assumes such a strict security posture but this example does highlight how by using Moka5 you can still allow your users access to their personal data, email, and websites on a corporate owned machine without worrying about contaminating the corporate environment. To learn more about our comprehensive Security offerings, visit Moka5 for Cybersecurity.

 

 

Comments are closed.