Mobile security is a hot topic — but it may not be hot enough. Mobile data leaks are detrimental to a business.
Today’s knowledge workers are walking around with extremely valuable corporate data on their notebooks, tablets and smartphones. And, according to a 2014 InformationWeek report, 45 percent of companies surveyed suffered data loss when a mobile device went missing over the past year.
Since many security incidents go unnoticed, your enterprise data may have already fallen into the wrong hands. But even if it hasn’t, the mere risk of a data breach can be sufficient grounds for a compliance violation.
Remote Wipe Is Just the Beginning
Unfortunately, many mobility managers get lulled into a false sense of security simply because they can remote wipe a device that is reported missing or stolen. While remote wipe is an important option, it’s far from sufficient by itself. It doesn’t, for example, protect data during the lag time between when a device goes missing and when it’s reported, nor does it mitigate the risk from an employee’s careless behavior.
To protect companies from the loss or misuse of data, IT must tighten and enforce mobile device policies, using these questions as a guide:
- Should copy, cut and paste be disabled for certain documents? Which ones, and how?
- Should there be an app blacklist? Should there be a white list?
- Are there documents that should be viewable online only over a secure network connection?
- What restrictions are appropriate to enforce on personal mobile devices that are used for work?
- How can IT protect sensitive documents if and when they are shared with contractors and other trusted third parties?
Addressing these issues requires the right combination of mobile device management, mobile application management and mobile content management. But those solutions are just the “how” of security. Before deciding on a defense, companies first need to determine what needs protection. And that is often where they fail to be sufficiently diligent or aggressive.
There is obviously some complexity and hard work involved in moving past the basics of remote wipe to a complete mobile data loss prevention (DLP) strategy. But the work has to be done. By the end of the 1990s, most of us had successfully implemented DLP in our distributed PC environments. Given how much more our businesses now depend on data — and how much more data is floating around — we need to bring that same level of DLP to today’s mobile world.
Help can be as close as working with the right partner in determining both the “what” and the “how” of mobile DLP. We offer best practices gleaned from thousands of mobility implementations across companies of all sizes, in all markets. And we have the right technology mix to optimize an organization’s security posture while keeping operational burdens to a minimum.
Mobile risk is real. Start mitigating it now.
Check out CDW’s collection of mobile security white papers, articles and data sheets to protect your company today.