Mobile platforms are flooding into enterprises, whether it's through BYOD "consumer" apps like Dropbox, or from internal development teams creating apps for on-the-go employees. Just like SaaS and Cloud solutions, we now have more data in silos. And the same goes for security issues, with the added kicker that an entire device full of data and other compromising information can be easily lost or stolen. Quite frankly, the very people who want mobile platforms available for work also present the biggest security risks to enterprise data assets.
The knee-jerk reaction of many enterprises has been to try to block or limit the use of mobile devices and applications. This is not an option – the floodgates are open. In fact mobility is critical in enabling a distributed work model for a global workforce. It's clear that not only do many employees want to work this way -- for many corporate roles, mobile empowerment is essential.
There is a deluge of mobile data being created by mobile apps, that is stored on devices or in the cloud. Many times this data must be integrated with on-premises systems, which introduces new proprietary APIs and challenges for integration processes. Employees, including upper management, also want all kinds of data from internal systems available on a mobile interface, including complex data visualizations. Data is definitely at risk as mobility proliferates:
Loss or theft of smartphones, tablets, and laptops compromises corporate data and access to enterprise systems
- Many people mix professional and personal usage on a single mobile device, such as a single consolidated "Inbox" for all email accounts -- this opens the door to sending proprietary corporate information to and from non-corporate accounts, and even to the wrong recipients
- Mobility can lull people into forgetting whose data and information they are handling. Without physical corporate walls to remind them, they can inadvertently expose data and credentials
- Malware on mobile devices is on the rise with obvious implications for data security
Proactive Policies - Fluid Security
In anticipation of potential mobile security issues, enterprises need to lay out plans to manage the associated risk. First, upper management should develop a realistic strategy for mobility. Then data security and management strategies must be created that map into the corporate mobile strategy, and also align with corporate data governance practices. Finally the enterprise must put policies and practices into place, with straightforward education for employees about how mobility will work.
As with on-premises and cloud data sources, enterprises must proactively develop thorough data management and governance plans to secure the data sources themselves, as well as guidance for the bi-directional movement of data and integration processes.
A mobility security plan must be flexible to allow high volumes of interaction, but extensive enough to moderate risk and meet compliance standards. Enterprises can turn to advanced security tools to provide coverage for the internal and external sides of the mobile data equation. Mobile technologies are rapidly evolving along with employee usage – enterprises must keep pace by adopting ever-changing approaches to sophisticated protection and risk management.
Image source: IdroidWeb
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. I've been compensated to contribute to this program, but the opinions expressed in this post are my own and don't necessarily represent IBM's positions, strategies or opinions.
About the author: Julie Hunt understands the overlap and convergence of many business processes and software solutions that once were thought of as "separate" – and how this impacts software Vendors and Buyers, as well as the strategies that enterprises implement for how technology supports the business and its customers. Julie shares her takes on the software industry via her blog Highly Competitiveand on Twitter: @juliebhunt For more information: Julie Hunt Consulting – Strategies for B2B Software Solutions: Working from the Customer Perspective