Large and small organizations alike now rely heavily on mobile devices like smartphones or tablets to enable their workers, customers and management to connect and collaborate, even when some or all of them are working remotely. For many corporate and government organizations, support for remote communication is mission-essential.
Typically, these organizations purchase and administer their mobile devices. Staff members use these corporate- or government-owned devices for their business-related communications, but they often don’t want to carry a second device for their personal communications.
The Corporate-Owned, Personally Enabled (COPE) model of device ownership allows staff members to link personal accounts such as email to their corporate- or government-owned devices. But by enabling employees to access to both business and personal content on their mobile devices, COPE brings new security challenges to organizations.
Device users may prioritize convenience over strong security, accidentally share sensitive information with unintended audiences, or use their corporate- or government-owned devices in contexts in which sensitive business information should not be shared. Solutions that address the users’ communication privacy, while enabling organizations to protect business content are essential to making COPE work for everyone.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T), along with BlueRISC, Inc., is developing a new Cloud-based Root-of-Trust (CRoT) technology called EPRIVO Enterprise 2.0 to address some of these concerns. Within the same application, the CRoT technology separates business from personal assets and enables enterprise policy enforcement for access to sensitive data.
BlueRISC has integrated the CRoT technology into its EPRIVO Enterprise 2.0 private email application. With the EPRIVO app on their iOS or Android mobile devices, users can easily and securely access both their existing personal email accounts, such as Gmail, Yahoo and Hotmail, and their corporate or government email accounts. EPRIVO supports Android, iOS, macOS and Windows; in other words, it is a private email application that can be used on both mobile devices as well as computers.
“The EPRIVO Enterprise 2.0 email system ensures the confidentiality of email in transit, in cloud storage at an email service provider, and when stored on the mobile device, providing both physical and cryptographically based protections,” said Kris Carver, BlueRISC Technical Director. “Users can specify controls for the emails they send, including recalling messages or preventing the receiver from forwarding a message.”
S&T’s support has enabled BlueRISC to transition its CRoT technology to add enterprise security protections to EPRIVO email. Enterprise security administrators can use the enterprise administrator’s console to set security policy for each user’s enterprise email account, ensuring that business messages are protected.
Meanwhile, EPRIVO users can continue to use and retain full control over their personal email accounts that are accessed via the corporate- or government-owned mobile device. Users also can choose to add security protections to their personal email accounts through settings on the EPRIVO app.
“S&T’s support for BlueRISC’s EPRIVO Enterprise 2.0 is providing enterprise security administrators and mobile device users a valuable tool that protects the security and privacy of both business and personal email on corporate- or government- owned mobile devices,” said S&T Mobile Security Research and Development Program Manager Vincent Sritapan.