- Failure to take adequate mobile security measures can leave your business open to security risks.
- Unsecured mobile networks are often exempt from IT security measures such as data loss prevention.
- Employee-owned and company-owned devices are subject to a different set of IT security protocols.
Mobile devices allow employees to stay connected and accomplish tasks on-the-go – a fact that bodes well for productivity and connectivity and sets the stage for an increasingly agile way of doing business. Smartphones and tablets also promise greater flexibility and turn telecommuting into a viable working option; qualities that score points with staff and help attract and retain top talent.
However, businesses that are well-versed in the benefits of mobile technology are less educated when it comes to the risks, with only 37% of respondents to the PwC Global State of Technology Survey implementing a security strategy for this emerging channel.
Unfortunately, failing to take proper mobile security measures can spell disaster for your business, and leave your data vulnerable to a host of security concerns and threats.
Here are three major factors to consider when tailoring a mobile security strategy for your workplace:
Unsecured mobile networks increase IT risk.
The rapid adoption of mobile technology has seen mobile apps proliferate at the rate of knots, with over 1.3 million apps available for download according to a 2012 forecast by IDC.
However, the consumer obsession with apps is creating wide-scale spikes in mobile traffic, as users surf the net via their mobile across cellular data networks and Wi-Fi. For companies, this represents a major risk, as employees who store sensitive work information on their mobile devices transfer the data without giving a thought to security. This is exacerbated by the fact that most mobile browsing makes use of unsecured networks, making it impossible for IT to block unwanted sites or introduce data loss protection measures.
Social networking sites can invite threat from cybercriminals.
PwC’s Managing Security in a Mobile World report identifies that employees who access social networking sites through mobile apps often put sensitive company information at risk and leave the door open to attack from cybercriminals.
The trust-based nature of social networking sites can see users clicking links from friends that could be potentially infected with malware or inadvertently share confidential information that might fall into a competitors’ hands.
Employee-owned devices complicate IT governance.
The rise of employee-owned devices in the workplace have sparked new challenges for governance, as legal barriers prevent IT departments from exerting the level of control applied to company-owned devices. This is complicated by the number of C-level executives obtaining policy exemptions to use their own devices, accelerating the risk of data leaks by keepers of the company’s vital information.
Managing mobile security
So how do companies capitalise on the benefits of mobile technology while staying one step ahead of the risks? They should start by training employees on the issues associated with mobile technology and encouraging them to equip their devices with security hardware and tools.
Businesses should also revise security policies to address mobile-specific security risks and take a big-picture approach to IT security that allows for the complexities of the new mobile-centric workplace.
What steps have you taken to improve your security strategy for mobile technology?