• June 16, 2016

Hidden but Present Danger: The Security Pitfalls of Mobility

Plan for mobile devices or expose your enterprise to breaches.

Ten years ago, when BlackBerrys filled the pockets of enterprise employees, most CIOs weren’t overly concerned with how to handle the risks related to mobility in the workplace. Today, addressing those issues is mission critical. By failing to understand, plan for, and address the slew of devices, operating systems, apps, and content that modern enterprise employees rely on, CIOs could be exposing their organizations to potentially devastating security breaches.

Unfortunately, protecting against these threats is much easier said than done.

So, what’s the answer? As hard as policing enterprise mobility can be, don’t let someone convince you that you can’t control it. Ultimately, you have a fiduciary responsibility to make sure your company doesn’t go belly-up. And if you don’t have proper mobility protocols and training in place, that’s precisely what could happen.

As you examine what that means for your organization, here are a few pieces of universal advice to consider.

1. Protect Data at the Time of Creation

Most enterprise organizations today have a policy in place that immediately encrypts devices that are used for any corporate purpose. While that’s a positive step forward, it has zero impact on the content that users create, share, or send after that device has been encrypted.

The solution for this is to prevent users from sharing files via email, file-sharing services, USB, etc., or—even better, to encrypt and protect files when they are created. The notion of preventing employees from sharing files is difficult to conceive and impractical to implement. So instead, protect your files—encrypt and assign controls on who has access and what can be done to the file once permission is granted.

2. Invest in Employee Education

Once those protections have been put in place, the next logical step is to consistently train, teach, and educate employees on what they can and can’t do, what phishing attempts look like, and how they can protect their (and the organization’s) information. Ultimately, there’s no technology that’s going to protect you from every threat. The absolute best way to protect your company from preventable threats is to ensure everyone is educated and accountable.

3. Make the Appropriate Investments in Infrastructure

There are millions of attempted cyber attacks every day. Even with the best policies, systems, controls, and education in place, they’re impossible to fully protect against. To embrace enterprise mobility and protect your organization, investing in the right infrastructure is critical.

At the end of the day, unprotected mobile devices can give hackers the keys to the kingdom—your network—and ultimately, a clear line of sight into your data center. The right infrastructure will allow you to detect and counterattack breaches at the point of infiltration.

This won’t solve the issue of protecting every mobile device. But it will allow you to prepare for and react to security issues as quickly as possible.

Like this story? Read more about why you really can’t ignore the mobile revolution.