Securing Mobile: Protect Data for New Workstyles
The way we work is continually being shaped by the devices we use outside the office. Bring-your-own-device (BYOD) policies have introduced new waves of consumer tech into the workplace, while employees who use tablets and smartphones at home now expect corporate IT systems to deliver the same ease of use and intuitive interfaces.At the same time, the traditional idea of the office as a building bounded by four walls is being replaced. Employees increasingly need to be able to work outside the office and access workplace systems and data from home or the road.
All of these changes present a challenge to IT departments, which need to facilitate changing working patterns while still making sure their company's mobile working environment is just as secure as other crucial aspects of the business.
The Shift to Mobile Working
While protecting desktop computing and office-based systems has traditionally been the priority for IT departments, the shift to mobile is opening up new fronts in the battle to keep businesses secure.Mobile environments face many of the same threats as office-based systems: Phishing and spoofing attacks can snare unsuspecting users into giving away their passwords and logins, and spyware can be used to harvest corporate data.
But mobile also brings with it a whole new range of risks: Carelessly downloaded apps can gather sensitive information about not only the user, but their wider network, while the piecemeal nature of consumer tech's arrival in the workplace means much of it may be installed outside of the company's traditional defenses.
If your mobile security is not fit for purpose, the penalties can be substantial. Recent changes to data legislation mean that breaches due to poor security can mean significant costs for a company, from fines to downtime and reputational damage. And thanks to the increased importance businesses are putting on information governance, security is now a board-level issue: failure can cost senior execs their jobs.
Balancing Security and Strategy
How can businesses keep on top of the changing mobile threat environment, while still delivering a mobile working environment that meets users' needs? Keeping mobile technology sufficiently secure is a delicate balancing act for organizations: They need to make sure systems are protected from criminal attacks as well as insider threats, but without putting up too many roadblocks to company workflows, as staff will bypass security measures that get in the way of them doing their jobs, leaving data exposed.
Building a mobile security strategy that's fit for purpose means taking a clear-eyed look at organizational strengths and weaknesses, and building a people-focused approach to match. Perhaps most important of all, businesses need to continually review their security strategy: Good security policies are those that develop as the business develops.
For more on how to build the right strategy for secure mobile working,