August 17, 2017

Geofencing: Cutting-edge endpoint security technology

Michael Baker

 

By Michael Baker
Technical Solutions Manager
Arrow ECS

 

Somewhere along the way I got old. I’m not sure when it happened, but a couple of months ago when I was at the mountain bike park with my daughter, I learned the lesson very quickly. She asked me to teach her how to ride a jump trail with the wall ride at the end; and while I made the jumps fine, when I got to the wall I rode up too high and wiped out rather badly. All the young kids out there helped me up, called me “sir” repeatedly and told me it was great to see someone still riding “at my age.” 

After dropping my daughter off at home, I went to the emergency room to see whether I had cracked a rib or broken my arm. It has been a while since I have been to the ER, and I was very surprised when the nurse rolled up a mobile x-ray machine and took my x-ray right there, instead of wheeling me halfway across the hospital. Then, when they came to verify my insurance and billing, they pulled out an iPad! The use of the tablet made my whole experience at the ER very fast and convenient and, frankly, improved their overall customer service.

Fifteen minutes later, the doctor walked in with a similar iPad, tapped on the screen, flipped it around and displayed the x-rays that I had just taken only a few minutes before! He showed me where I had a small fracture, and explained why the damage wasn’t all that bad. And the best news of all, I wouldn’t require a cast! While we were talking, he also used the iPad to access my medical records from various other injuries I had sustained to pull up medication names that I couldn’t remember.

Given that I work in the IT security space, I immediately became concerned about HIPAA security issues. So I asked him how long the hospital had been providing them iPads. He laughed and responded that it was his own device that he brought from home and that the hospital’s IT department put an agent on it to protect the data. I then asked whether he liked using his device for work and if he minded the agent required for security. He said he loved it, because it helped him do his job better. So my ER doctor was happy and I was definitely happy that my medical data was safe and, most of all, I didn’t have a cracked rib or arm.

Geofencing Enables Mobile Security

The agent technology used by both the doctor and the x-ray tech is a sub-type of mobile device management known as “geofencing.” In some cases, geofencing simply restricts access to controlled applications when a device is within certain areas. In other cases, this technology essentially creates two different working environments on any mobile device allowing for it to be used for both personal and business purposes. 

In both of my ER experiences, the doctor and the x-ray tech were using technology in a way that helped them do their job better, yet also presented a potential security concern. Mobility has often been an area where the needs of end-users and limitations of IT security and regulations like HIPAA create conflict between business users and IT departments. My doctor’s secure iPad is one example of how technology is quickly evolving to support the way users engage by not forcing them to carry multiple devices and learn new interfaces. Businesses like this hospital are not only able to save money, but they can also up their customer satisfaction internally by meeting their users’ desires. It creates a place where IT security and the business can truly collaborate to bring value.

How Geofencing Works

The type of partitioning that geofencing requires has existed for a while. But what has emerged in the past couple of years is the automatic detection of which profile should be used based on the physical location of the device. IT departments can configure devices so that when they come within range of a physical location based on GPS signal, it will then force a certain level of access and behavior on that device. In contrast, if the device is not within that area, the user nor the device will have the same level of access.

There are a variety of ways to define the fence that is used for these purposes. As mentioned, we can use GPS coordinates, network range or other signals that indicate where that device is at any given moment. Additional security measures, such as user name, password or biometrics, can be layered on top for additional security. Other restrictions, such as rights to local data storage for sensitive data, can also be configured.

Most mobile device management systems are delivered via cloud software as a service, which removes the initial cost and complexity concerns around both the initial adoption of pilot projects and long-term scale-outs. Because most software as a service is based on usage, starting small with a subset of clinicians can allow end-users to vet technology easily and then expand until the return on investment is known.

Use Cases

Geofencing can be found in a wide variety of areas, but are especially prevalent in the healthcare, R&D, industrial, manufacturing and energy sectors, because of regulated or trade secret information that needs to be protected yet easily accessible. In each of these industries, geofencing allows the workforce to be highly mobile on-site doing things like patient visits or machine inspections. All of this makes a light mobile platform, such as an iPad, a huge advantage.

How Arrow Can Help

Mobile device management is the type of technology that helps keep head-butting between IT, security and business owners to a minimum. In the case of my ER visit, it allows everybody to focus on delivering the best possible experience between the doctors and patients. 

However, selling solutions like this can be complex. In some cases, you might be selling to the security office or the compliance organization or to traditional IT that supports endpoints. Often you’re selling to whoever owns the operational process you’re enabling, such as a clinical practice within a hospital. In the most effective sales cycles, we see partners selling across each of these organizations at the same time.

Here at Arrow, we work with several of the leading suppliers in the mobility market and help partners around the country understand the market opportunity and variety of endpoint security solutions. Whether it is working laterally within your existing customer base or targeting and gaining traction in a completely new market, Arrow can help you build the messaging, value propositions and sales/technical skills needed to win business in the mobility and security spaces.

Contact Us

If you would like to learn more about how to build capabilities in the area of endpoint security or geofencing, we would love the chance to speak with you. Please feel free to reach out to me directly at mibaker@arrow.com to discuss further.