Containerization and mobile threats

For a short and very enjoyable history lesson, watch this Youtube video.

It's the story to a 1930s-era truck driver named Malcom McLean, who tired of sitting in the shipping port for days, waiting for dock workers to unload bales of cotton from his truck. This delay cost him money. McLean had the idea of simply hoisting the entire truckload onto the ship in one fell swoop. This insight ultimately lead to the modern "containerized" approach to shipping.

Pick up the whole container and plop it on the ship! Simple, yes?

Well, no. It took another couple of decades before McLean actually implemented his idea. He had to design the container itself, which was different from a conventional truck trailer of the day. And he had to build an entire ship with a stronger deck to bear the load of stacked metal containers. Because of difficulties of this sort, a lot of people thought McLean's idea was crazy.

[Also see With BYOD, data breaches just waiting to happen]

As part of our CSO Perspectives series of one-day events, we recently convened a panel of CISOs in Boston to talk about securing mobile computing. One of our esteemed panelists said his company, to deal with the demands of bring-your-own-device (BYOD) movement, is taking the containerization approach. The smartphone or tablet is regarded, for security purposes, as untrusted.

Users can do more or less as they like--they own the devices, after all--but corporate apps and data and network access are isolated from whatever else is on the phone or tablet. Containerized.

Simple, yes?

I asked the panelist about how off-the-shelf his containerization strategy was. "Not very," was the reply. And indeed, as in McLean's day, the simplicity of the idea conceals a lot of technical concerns. Controls can be implemented at the OS level, the hypervisor level, the application level&

(For more about different approaches to containerization--without too much head-spinning technical detail--check out this useful blog post from Fixmo: http://fixmo.com/blog/2012/05/11/mobile-device-sandboxing-101.)

For all the challenges and decisions, though, containerization still looks like a mission-critical concept for the mobile and BYOD era.

Tags security

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Secure Virtualization of Business Applications

Run your mission-critical applications in a secure and compliant virtual datacenter, or private cloud.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.