With a predicted 40% of the global workforce using mobile devices by 2016 according to Gartner, it has become essential for IT administrators to find ways to empower a mobile workforce, while also ensuring the security of critical business assets. Doing so involves a delicate balancing act of governance, compliance, and security. Administrators often find themselves walking this tightrope, and with the average cost of a data breach estimated to be an astounding $5.4 million according to the 2013 Cost of Data Breach study by the Ponemon Institute, the fall from this tightrope is frightening to say the least.
Organizations using Microsoft SharePoint are not immune from this risk. In a recent Forrester survey, only 15% of respondents reported having a mobile solution for SharePoint in place. That leaves 4 out of 5 organizations either immobile or vulnerable – because, as the previously noted statistics indicate, employees are mobilizing with or without an organization-wide mobile solution. Up against such risk, it’s no wonder administrators have concerns.
In implementing solutions for today’s workforce, administrators are addressing four major questions:
- How do I empower my mobile workforce?
- How do I protect my content?
- How do I build on my existing systems?
- What about external stakeholders?
AvePoint Perimeter provides a robust mobile access control platform with benefits for all your key stakeholders – allowing IT administrators to deliver business-critical SharePoint content to a mobile workforce on specific terms, without risking security. Perimeter combines traditional 2-Factor Authentication (2FA), your existing authentication security systems, and location-based controls to ensure data sovereignty. A rich panel of controls ensures access by trusted users, in trusted locations, on trusted devices – inside and outside the organization.
Striking a Balance
With Perimeter in place, mobile workers can remotely access SharePoint content safely and securely, on company issued or employee owned devices.
Perimeter is unique in its ability to maintain enterprise content security with a lighter hold on employee devices, partitioning enterprise content to a secure container in the mobile app or with browser access controls. By securing the content, and not the entire device, Perimeter allows for hardware flexibility and reduced hardware expenditure as organizations implement Bring Your Own Device (BYOD) or even Corporately Owned, Personally Enabled (COPE”) policies.
By creating a divide between business and personal data, Perimeter provides peace of mind to administrators and end users alike. Administrators enjoy the ability to secure, protect, and – if necessary – eliminate company data on a mobile device without the burden of controlling the entire device. End users find peace of mind that their company cannot access, control, or view their personal material.
Available for iOS and Android devices, the Perimeter mobile app helps organizations retain control of data while allowing their workforce to access data on-the-go, directly in the app or on other devices, by using the app to authenticate secure remote access.
Enhancing the traditional 2FA approach, Perimeter allows administrators to specify trusted content access by locations. With every remote log-on attempt, Perimeter will attempt to authenticate the user’s log-on credentials, while simultaneously comparing geographic location to established configurations in order to verify the location as trusted. If the user is not in an approved location, the content access will be blocked. This powerful combination of controls ensures SharePoint content is accessed only by trusted users, on trusted devices, in trusted locations.
Available today, Perimeter Service Pack 2 (SP 2) has also introduced two new features to combat risk often associated with consumer-oriented file sharing services. While these services are easily managed by the end user, their simple, consumer-oriented file sharing models do not translate well into managing content from an enterprise perspective because content ownership, restricted sharing, and data security are not easily tracked or maintained. Administrators, who need to have control over their content to ensure asset security as well as availability, are basically left out of the loop – as end users share data with whomever and however they want, yet are still held liable for the risk of security compromise.
Perimeter provides users with two secured, user-friendly ways to share SharePoint content with people outside of organizations – secured share and virtual views.
From an end-user perspective, the benefit of the secured share feature is the ease of sharing. Employees can share enterprise content directly from SharePoint to external stakeholders, without sacrificing control over documents. Users select the level of access external parties receive – the ability to only view the content in a secure document viewer, the ability to view and create local annotations, or the ability to download. Unlike other file sharing software, Perimeter can also provide updates to the shared document after it has been initially shared, notifying recipients with push notifications – ensuring that the person you shared with always has the most up-to-date document available.
To facilitate the secure transfer of content, we built the AvePoint Perimeter Portal – a central access point where cached copies of SharePoint content can be placed for external users to access. The portal can be accessed via browser, and external stakeholders can enter the portal to register their mobile device with Perimeter. Once devices are enrolled and registered as secure, external users can access shared content. Internal users also have the ability to access the portal where they can manage shared files and sharing permission settings, or view the audit trail of shared material.
Virtual views is a new functionality in Perimeter SP 2 which allows administrators to generate personalized views of SharePoint content for sharing with external parties. The views are created using metadata-driven rules. These rules utilize the metadata fields present within native SharePoint to collect unstructured content fitting to the criteria selected. Once the rules are set, Perimeter automatically places the content in a folder structure and shares the view out with specified external users. Much like our secured share feature, the content within the view also has configurable permission levels, the ability to share updates, and expiration policies.
For more information about Perimeter, or to request a free trial, please visit our Perimeter product page.