Riverside Healthcare had regulatory compliance and data loss prevention in mind when it deployed a new security architecture for smartphones and tablets in September 2013. Equally important to the Kankakee, Ill. medical center was the selection of a solution that was easy for administrators to use.
It chose a combination of AirWatch Mobile Device Management and Kaspersky Lab’s Anti-Virus to protect 280 mobile devices in use by doctors, nurses and hospital administrators.
“Our employees are allowed to choose if they want an Android or iOS device,” said Erik Devine, Chief Security Officer for Riverside Healthcare. “We’re particularly concerned about the Android devices because malware tends to hit those devices more frequently than iOS devices. With AirWatch, we can lock down those Android devices as tight as we want.’’
Devine said email is the most common application for mobile devices at Riverside Healthcare. For doctors who want to access patient data or run remote desktop applications from their tablets, Devine’s security team has written homegrown code to ensure that hospital data remains secure.
Riverside Healthcare spent approximately $7 per device on AirWatch MDM software, but Devine says the money was well spent because of the software’s fine-grained controls, ease of use and simple deployment. He’s interested in AirWatch’s partitioning capabilities that will allow him to separate and encrypt hospital data stored on employees’ mobile devices.
“They are starting to release containerized email and private locker capabilities so we can have Riverside data stored in the locker rather than on the device,” Devine said. “Once we get containerization, then we’ll be able to delete Riverside’s email and applications from a device if an employee leaves without having to wipe the whole device.”
Platform and Processor Protection
Mobile security solutions will continue to change rapidly as operating systems and processors adopt basic mobile device management (MDM) features.
Apple iOS 7, released in September, has a built-in remote lock-and-wipe capability as well as enterprise MDM features, new controls for opening attachments, and application-based virtual private networks, for example. Similarly, Samsung is offering built-in containerization, called Knox, to let organizations isolate business and personal applications for its Android smartphones.
Last spring, meanwhile, Qualcomm inked a deal with Kaspersky Lab to preload security products on Android devices powered by Qualcomm Snapdragon processors. Snapdragons are found in more than a thousand products shipping or in development from more than 70 device vendors.