While businesses and employees are increasingly demanding mobility in the world of work, enabling this level of flexibility raises a number of security concerns.
Bring your own device, or BYOD, policies have given employees greater freedom than ever before but have also significantly raised the risk of corporate data loss.
For many, mobility and security are mutually exclusive, with the former compromising the latter. Companies are increasingly allowing staff to use their own personal devices in their working lives, but when corporations do not own devices, it is much more difficult to guarantee their security.
Moreover, increased mobility inherently suggests a larger number of devices entering the corporate world, particularly smartphones. More devices generally means more opportunities for vulnerabilities to exist and security breaches to occur. With the growth of connected devices set to continue, mobility can cause major headaches for IT technicians.
According to Chandar Venkataraman, chief product officer at data protection firm Druva, enhanced mobility has made security a far more complex challenge.
"With the rise of the mobile workforce, organisations must establish strategies to govern not only corporate and employee-owned mobile devices, but also the multiple channels that are now required to make data available anywhere on any device. The increase in complexity is staggering," he said. "Technology solutions are going to become increasingly important in identifying, preserving and collecting content from end user devices for all aspects of governance.”
Mobility also raises a number of other issues surrounding data governance. If businesses do decide to opt for mobile programmes like CYOD (choose your own device), they need to consider not just their own security, but also the privacy of their employees. Businesses must make it clear who ultimately owns mobile devices and if there are security guidelines regarding corporate data. If organisations are able to remotely wipe devices, this should also be made clear to members of staff and the opportunity to back-up personal information may be provided.
With the increased fragmentation of corporate and personal data emerging from greater mobility, traditional approaches to data governance are no longer applicable.
Instead, many companies are employing a mobile data management (MDM) solutions to more effectively control and secure data. MDM software enables businesses to encrypt sensitive data and manage which employees have access to particular information. The flexibility of MDM platforms means that organisations can set up bespoke security protocols that are suited to their specific needs, without compromising mobility.
It also enables personal and corporate data to remain separate and lets IT leaders monitor and regularly update applications.
The constant and automated maintenance of applications is another crucial approach to modern data governance. With many businesses placing legal ownership of devices into the hands of their employees, they need to focus on software and which applications can access company data.
Organisations need to regularly assess the security of all their applications and services, whether they are on-premise, cloud based or mobile. They also need to be fully up-to-date with any regulatory issues surrounding mobile data, privacy and security – particularly as these are subject to change over time.
Mobility and other security threats facing modern businesses will be major topics of discussion at this year’s IP Expo, taking place on the 20-21 May at Manchester Central.