Feature

Rampant: Mobile device security

Networks & Network Services

Rampant: Mobile device security

Adi Ruppin, WatchDox

Adi Ruppin, WatchDox

It wasn’t a great year for intellectual property. In 2011, organizations lost some of their greatest assets – their ideas – through document leaks that could have been prevented. Data leaks are more than inconvenient; they’re expensive, and they’re a dire threat to business.

A recent survey from The Ponemon Institute reports that on average, a data breach results in a 12% loss in brand value, and it takes approximately one year to restore an organisation's reputation.

So what can businesses do in 2012 to end document leaks and stem the estimated $6.5 billion lost through data breaches each year? For starters, they must take a realistic look at the way their employees do business and how to adapt document protection to that reality. That means it’s time to solve the problem of protecting information wherever it goes and however it is transmitted, including over mobile devices and to external stakeholders.

The proliferation of smartphones and tablets has been beneficial to business in many ways, but it has also introduced new risks. By 2015, analysts expect a billion tablets to be in use. Those tablets will store sensitive information, but too many companies fail to take any steps to secure this data. For those who do try, the attempts are often incomplete.

 

The point is not to suppress the use of mobile devices. Productivity requires that you allow your employees to use the latest technologies. However, the security precautions that are available inside the business break down as soon as a document has been stored on a mobile device. In highly regulated industries, the repercussions can be severe. There are, of course, also threats to any business operating in a competitive environment, which describes most of the market.

BYOD, or bring-your-own-device, is another major trend that will exacerbate the situation in 2012. With employees bringing in their own personal devices (not to mention external parties consuming documents on their devices) how can the enterprise protects its most important assets?

There is a theft threat here, too. Gartner estimates that 10 million mobile devices containing enterprise information will be lost in 2012. What happens to the data stored on those devices once they are gone? That question should prompt IT leaders to seek out capabilities to remotely manage and revoke sensitive data. Such capabilities would also solve persistent problems related to purposeful or accidental leaks by employees who might share data inappropriately.

Online file sharing companies, such as Dropbox, also pose risks to enterprises. They make it easy for employees to transfer large numbers of documents easily onto their mobile devices. This information can in turn be lost, stolen or forwarded to unauthorized users.

Finally, in 2012 enterprises should also stay aware of mobile malware. Mobile malware has reportedly grown mainly on Android devices that offer more openness compared to iOS devices. A few dozen applications have been reported to contain malware in the past year.  Such malware can potentially allow someone to take over the device and extract documents and information.

These tasks should be on every business’ 2012 mobile document security to-do list:

Make better password decisions - Talk to your employees about creating optimal, strong PIN codes and passwords for mobile devices; Deploy smarter technology - Look for solutions that protect and control your company’s information, especially data that resides on mobile devices. The right option should be capable of preventing sensitive documents from being removed from devices and should be able to track and destroy documents and information remotely if necessary.
Use antivirus software: While still a limited threat, mobile malware is growing. Several solutions exist that can mitigate that risk; Train your employees and set policies - The human element is often overlooked. Train your employees to avoid installing unknown software and to lock their devices, and set policies that exclude unsecure file sharing services.

Adi Ruppin is vice president of business development at WatchDox, a provider of document control, tracking and protection solutions that enable the confidential sharing of important or sensitive documents in an easy and secure way.The point is not to suppress the use of mobile devices. Productivity requires that you allow your employees to use the latest technologies. However, the security precautions that are available inside the business break down as soon as a document has been stored on a mobile device. In highly regulated industries, the repercussions can be severe. There are, of course, also threats to any business operating in a competitive environment, which describes most of the market.

BYOD, or bring-your-own-device, is another major trend that will exacerbate the situation in 2012. With employees bringing in their own personal devices (not to mention external parties consuming documents on their devices) how can the enterprise protects its most important assets?

There is a theft threat here, too. Gartner estimates that 10 million mobile devices containing enterprise information will be lost in 2012. What happens to the data stored on those devices once they are gone? That question should prompt IT leaders to seek out capabilities to remotely manage and revoke sensitive data. Such capabilities would also solve persistent problems related to purposeful or accidental leaks by employees who might share data inappropriately.

Online file sharing companies, such as Dropbox, also pose risks to enterprises. They make it easy for employees to transfer large numbers of documents easily onto their mobile devices. This information can in turn be lost, stolen or forwarded to unauthorized users.

Finally, in 2012 enterprises should also stay aware of mobile malware. Mobile malware has reportedly grown mainly on Android devices that offer more openness compared to iOS devices. A few dozen applications have been reported to contain malware in the past year.  Such malware can potentially allow someone to take over the device and extract documents and information.

These tasks should be on every business’ 2012 mobile document security to-do list:

Make better password decisions - Talk to your employees about creating optimal, strong PIN codes and passwords for mobile devices; Deploy smarter technology - Look for solutions that protect and control your company’s information, especially data that resides on mobile devices. The right option should be capable of preventing sensitive documents from being removed from devices and should be able to track and destroy documents and information remotely if necessary.
Use antivirus software: While still a limited threat, mobile malware is growing. Several solutions exist that can mitigate that risk; Train your employees and set policies - The human element is often overlooked. Train your employees to avoid installing unknown software and to lock their devices, and set policies that exclude unsecure file sharing services.

Adi Ruppin is vice president of business development at WatchDox, a provider of document control, tracking and protection solutions that enable the confidential sharing of important or sensitive documents in an easy and secure way.