Instead of focusing on a device or a user, it would be, “only about the data – not about the device, not about the network. You need to protect it, own it, revoke it.”
To do that in the next five years, he said, would require three things: “First, encrypt it with enterprise key management. That’s fundamental to any BYOD strategy.
“Second, it has to reside in a virtual container that I control, like an embassy that is subject to my rules and my laws. Somebody else can’t repurpose it, send it out on an email or do anything with it.
Finally, he said, it would have to possess egress policies that control who can access it. “If I want to revoke the key, I can hit a red button and it doesn’t matter if the bytes are still there, you can’t read them,” he said, contending that if the National Security Agency had had that kind of control over its data, it could have prevented whistleblower Edward Snowden from stealing and passing on classified information to journalists.