By Patricia Titus, Vice President and Chief Information Security Officer
Everywhere you go these days, you see smartphones and tablets. There’s no question that these incredible devices have transformed our lives and made it easier than ever to conduct business and access corporate information. From accessing email in the airport to video conferencing at home, mobile devices are enabling more people to be more productive in more places.
Mobility Has Become Mainstream
Smartphones – and, to an increasing extent, tablets – have officially arrived as a bona fide business tool. A majority of organizations (59 percent, according to Symantec’s recent State of Mobility Survey) are now making line-of-business apps available remotely. In addition, 71 percent are even considering the creation of a corporate app “store.” Why? It has to do with IT agility. Given the pace of business today, the ability to react quickly provides a significant edge over the competition, through such benefits as increased efficiency and reduced time needed to complete tasks.
The Impact of Mobility
While the benefits are significant, the risks of mobility are impacting organizations. Survey respondents rated mobility as the highest security risk in IT, showing a high awareness of the potential liabilities as data is taken outside the protective walls of the company. Businesses of all sizes are experiencing a variety of damages from security breaches, including loss of sensitive information, intellectual property and brand damage. According to Symantec’s 2012 State of Mobility Survey, on average, businesses globally incurred USD$247,000 in damages over the past year. Large enterprises and small businesses are largely experiencing the same kinds of loss, but to a very different degree – small businesses averaged $126,000 of loss, while enterprises averaged $429,000.
These losses underscore the need for intelligent management of these devices. And organizations are responding, increasing the resources they are allocating to mobility. Nearly a third of IT staff is now involved with mobile computing on some level. They are also keenly aware of the risks and are actively considering a variety of security measures, although most still have yet to apply them. But despite the setbacks and challenges, most feel that it’s worth it.
In order to implement a successful mobility plan, here are some best practices you can implement to improve your ability to keep an efficient mobile workforce while keeping risks to a minimum:
- Enable Purposefully: Poll employees to find out what they need access to and then enable access securely. Proactively develop a plan to provide line-of-business apps that will improve productivity while minimizing risk.
- Think Strategically: While planning your mobile strategy, explore the risks it presents, and take a cross-functional approach to keep data secure wherever it resides.
- Manage effectively: Keep in mind that smartphones and tablets are endpoints, and take steps to secure them accordingly. Mobile management should be integrated into the overall IT management plan, and policies should be developed and enforced as with other areas of technology.
- Enforce Appropriately: You may need to create or adjust corporate policies to accommodate devices that are corporate- and employee-owned. Looking forward, organizations should plan for accommodating new devices being brought into their infrastructure as they’re brought to market.
- Secure comprehensively: Remember that it’s not just devices at risk, but the information they contain. Basic password policies should be supplemented with technologies that include data loss prevention, encryption, authentication, anti-malware, and the ability to remotely wipe and kill the device to provide complete protection.