Mo­bile or­gan­i­sa­tion

Finweek English Edition - - INSIGHT - MO­BILE US­AGE IN

to­day’s cor­po­rate en­vi­ron­ment has sky­rock­eted. We now find our­selves liv­ing in the bring-your-own- de­vice (BYOD) era – where em­ploy­ees use per­son­al­ly­owned smart­phones, tablets and lap­tops in their day-to-day work – and it’s be­com­ing the rule, rather than the ex­cep­tion.

How­ever, what com­pa­nies gain in pro­duc­tiv­ity and cost-sav­ing ben­e­fits from the BYOD trend (known as the con­sumeri­sa­tion of IT), can be lost in poor con­trol and flimsy pol­icy. More mo­bile de­vices are be­ing used to con­duct busi­ness on the move and hack­ers are con­stantly look­ing for new ways to ex­ploit the mo­bile plat­form. THE POST-PC DESK­TOP ERA While the post-PC desk­top era al­lows for greater free­dom and flex­i­bil­ity by al­low­ing em­ploy­ees to work on their plat­form of choice, it places strain on tech­ni­cal sup­port teams.

Tra­di­tion­ally, I T de­part­ments worked in a desk­top PC and ho­mo­ge­neous smart­phone en­vi­ron­ment where Black­Berry ruled the roost as the only en­ter­prise-ready de­vice. Now, with the aver­age em­ployee us­ing two or three dif­fer­ent pieces of mo­bile tech­nol­ogy, there is a va­ri­ety of de­vices (HTC, Nokia, Sam­sung, Ap­ple) and op­er­at­ing sys­tems ( An­droid, i OS, Win­dows) whose mo­bile se­cu­rity has to be ac­counted for and man­aged. SE­CU­RITY RISKS Lutz Blaeser, MD of In­tact Se­cu­rity, says that the chal­lenges that BYOD poses are many. “With BYOD, em­ploy­ees are no longer func­tion­ing within the tra­di­tional com­pany pa­ram­e­ters and net­works. Data now needs to be pro­tected out­side the com­pany, on mul­ti­ple de­vices, in many en­vi­ron­ments. In­stead of se­cur­ing the de­vice, businesses need to look to se­cur­ing the ac­tual user.”

He ex­plains that when a mo­bile de­vice con­nects to a pub­lic or 4G net­work, se­cu­rity teams lose vis­i­bil­ity be­cause ap­pli­ances can­not see the traf­fic, and only by hav­ing to­tal vis­i­bil­ity over de­vice us­age and user ac­tiv-ities, can a busi­ness have suf­fi­cient pro­tec­tion.

Ac­cord­ing to a Kaper­sky Lab white paper ti­tled Se­cu­rity tech­nolo­gies for mo­bile and BYOD, the vol­ume of new mal­ware that is specif­i­cally tar­get­ing mo­bile de­vices is grow­ing at an al­most ex­po­nen­tial rate. The na­ture of many of the new mal­ware at­tacks is also be­com­ing in­creas­ingly so­phis­ti­cated – as cy­ber­crim­i­nals recog­nise the value of the in­for­ma­tion which they can steal from mo­bile de­vices. A BYOD GAME PLAN Blaeser says that a good step to­wards BYOD se­cu­rity is mak­ing sure that no in­di­vid­ual has ac­cess to busi­ness data that that they do not specif­i­cally need.

“Un­der­stand what data is stored on the de­vice, de­cide how long it needs to l i ve on this de­vice, and whether it is there only when on­line or if it is also cached for fre­quent us­age.”

In ad­di­tion, he says, en­crypt­ing cor­po­rate data is im­por­tant. En­cryp­tion pro­tects sen­si­tive data on users’ desk­tops, mo­bile de­vices, flash drives, in email, and more, mak­ing reg­u­la­tory com­pli­ance eas­ier.

Tightly con­trolled BYOD poli­cies are also vi­tal, Blaeser says. “Many de­vices are lost or stolen on a daily ba­sis. Businesses should in­sist upon the in­stal­la­tion of a light­weight, high­per­for­mance, anti-virus so­lu­tion and en­force pass­word use. Make sure that your users have a se­cu­rity tool in­stalled that al­lows for re­mote lock­ing of the de­vice, and for the re­mote wip­ing of all data on the de­vice.”

Fi­nally, ed­u­cate staff, as phys­i­cal se­cu­rity is the first and best de­fence. Make sure they know bet­ter than to leave de­vices logged on to web­sites, email or net­works.

Newspapers in English

Newspapers from South Africa

© PressReader. All rights reserved.