5 Ways CEOs can Strengthen Security in Today’s Mobile World
Today, across virtually every industry, the number of employees working on unsecured, personal mobile devices (cell phones, tablets, portable hard drives, USB flash drives, laptops, etc.) continues to rapidly increase. And maintaining business security in the midst of mobility remains a difficult nut for IT teams to crack.
I recently read an article in Texas CEO Magazine by Jason Smith of Duff and Phelps that addresses five major threats posed by the fast-growing mobile ecosystem of today. These threats are real, and they affect organizations spanning all industries, but that’s no reason to write off mobility just yet. By taking the right precautions, it is possible to keep important business data safe while allowing employees to participate in an increasingly mobile world.
Mobility breeds inherent, but manageable, risks
In 2010 alone, nearly 600 corporate breaches cost businesses over $6.5 million! So, if you were previously unaware of the potential dangers of workplace mobility, now you know. And, as G.I. Joe said, “Knowing is half the battle.”
If you are considering adopting mobility policies like Bring Your Own Device (BYOD), here are five solutions to the security threats you should be aware of.
1. Develop a comprehensive data security policy
As the statistic above suggests, hackers are a legitimate threat to the protection of your data. And while you may believe yourself to be the victim in the case of breaches, if you house personal client and customer information, your clients are the true victims in the eyes of the law and public.
You are required by law to implement a certain level of security to protect that data, but adhering to minimum standards is no safe bet. When developing your security policy, be sure to create something that extends beyond just BYOD to every electronic system in your organization.
2. Extend technology and policies to Outside Counsel Guidelines (OCGs)
You can’t be an expert in everything, so working with outside counsel—something many organizations do—is expected. Hackers expect it too, which is why they often target law firms.
The high-value data and files relating to securities, intellectual property, and mergers and acquisitions that is shared with law firms is—well, highly valued. There isn’t much you can do to strengthen the security of an outside counsel (or other consultants), but one way you can protect against this risk is by extending both your technology and privacy policies to the rules and guidelines governing their relationship with you.
3. Revisit your backup and IT policies
Forget hackers and all the other external threats for a moment and consider the fact that even the greatest firewalls and encryption can’t protect against “employees gone mobile.”
The chances of files or data getting lost or damaged due to employee carelessness or lack of policy increases exponentially when mobile devices come into play. Moreover, tracking data exchange on mobile devices can be like aiming for a moving target—this is a huge risk when the result of an employee slip can be just as bad as disclosure or theft.
To better deal with the this challenge, go back and assess your policies—how has the usage of technology in your organization evolved, and do your policies still protect you?
4. Enact conservative protection policies
Introducing a BYOD policy is a great way to support employees’ use of mobile devices, but it does come with its own weaknesses. Smith notes:
“Government officials may share copies of [a] laptop’s contents with other agencies and private entities for language translation, data decryption or other reasons.”
This is when you have to start hoping for the best. Not all companies deal with such sensitive information that even accessing email on mobile devices presents concern. However, deciding what is and is not acceptable to be viewed by non-employees is one way to begin policy development or revision, and this does benefit all companies.
5. Implement solutions to increase visibility
When important business data is stored in multiple places, or managed from unsecured devices, how can you remain in control of it?
For example, if an employee unwittingly stores a contract in a forgotten folder on their laptop, you’ll be hard-pressed to find it amidst an audit.
Deploying information lifecycle management (ILM), which focuses on workflow and the storage of business information, can help narrow your field of vision by storing newer and more frequently accessed data on faster storage media. This ultimately provides the insight you need to operate with certainty.
Protect your data today and secure your future
While mobility is an inevitable part of conducting business, it is important to remain in front of the risks—it is essential if you are to remain competitive. Establishing evolving IT and mobile policies, implementing storage and visibility-increasing solutions, and promoting these strategies company-wide will help you mitigate the risks associated with mobility in the workplace. Furthermore, these efforts will fortify the security of your data as it moves beyond the protection of your four walls.
Ready to Shop?
Compare features, pricing and deployment models of the top mobile device management solutions in our exclusive Top 10 Mobile Device Management software report. You can also browse IT management product reviews and insider tips by visiting the Business-Software.com IT management resource center.