Mar 31, 2014

Using personal devices in the workplace has become more of a commonplace occurrence, but so too has the potential for data breaches. While sharing business files has never been easier, mobile hardware is creating more opportunities for malware to compromise sensitive information. The upside is that there are steps employees can take in order to protect their devices, however they must follow best practices and ensure that they are keeping pace with necessary updates.

Threats from the inside
Bring-your-own-device initiatives have substantially changed how organizations operate and what security measures are used to guard sensitive assets. While there are some threats that come from criminal sources, a vast majority of the risk stems from employee inadequacies, mHealthNews reported. According to research by the Ponemon Foundation, 80 percent of all attacks were the result of system glitches, incompetence and negligence. The number of breaches and other compromising situations are on the rise, as demonstrated by the 90 percent of respondents who had an incident in the past two years.

As more organizations allow their employees to leverage their mobile devices, there is rising concern over security capabilities and the potential threat from internal sources. Three-quarters of participants viewed workers as their biggest risk to data protection, despite the 88 percent that permit their staff to use mobile hardware in the workplace. As the danger increases, organizations will need to establish mobile access control to govern authorization capabilities and ensure that unapproved individuals can’t view business files.

“We are reporting some positive results,” Ponemon Institute founder Larry Ponemon said, “but the percentage of breaches is still very high. There’s been a tidal wave of BYOD and a lot of folks who fought the battle saying ‘we can’t use unsecured devices’ are giving up.”

Using effective security measures
While there are programs that facilitate secure file sharing, many organizations are still struggling to catch up to current demands, Information Management reported. According to Infonetics Research, nearly 50 percent of decision makers choose to wait for security features to be integrated into their operating system, and another 50 percent have contained sensitive information to handle lost or stolen devices. The recommended encryption and remote wipe approaches are key assets for only 15 percent of respondents. This leaves data open to substantial vulnerabilities and companies will not be able to effectively deter breaches. By integrating a solution such as Memeo C1, organizations will be able to control employee hardware from a single console, monitor data location and enable advanced security capabilities.

Preventing shadow IT growth
With the popularity of consumer file sharing solutions, the presence of shadow IT is becoming more prevalent on a daily basis. According to a recent Telsyte survey, while half of responding organizations approve of personal app use, nearly two-thirds of the businesses have staff that are following the trend. To make matters worse, more than a quarter of companies have no restrictions on the programs being leveraged in the workplace. These practices make it significantly easier for malicious parties to manipulate and steal information, which could produce costly fines and lead to considerable losses, CIO reported. However, 80 percent are not planning to officially support using personal programs.

“Local businesses can take advantage of the emerging BYOA trend by allowing staff to be productive with public software. However, in many cases this will need to be balanced with the security and integration requirements of corporate IT,” Telsyte said. “If businesses ban BYOA outright they will miss out on productivity and innovation that comes with people managing their own IT requirements.”