Simply Security - News, Views, and Opinions from Trend Micro

Posted on March 16th, 2012 in Privacy by Simply Security | Be the first to comment | Tags: Privacy

Decision-makers need to keep data security in mind during BYOD implementations.

Innovations in technology continue to push businesses forward, allowing them to improve efficiency, agility and portability. More organizations today are also allowing individuals to work remotely, yet still have the same access to applications and data as they would in the office. Although utilizing cloud computing, unified communications and other solutions that enable these capabilities can improve operations, security risks also increase.

As businesses move forward in the post-PC era, decision-makers need to be sure they keep data security policies on par with innovations. This is especially important when employees can utilize their own computing gadgets in the office as a part of a company's BYOD (bring your own device) program, according to a new study by CompTIA.

A recent global study by managed services provider Avanade found that nearly 90 percent of organizations allow employees to use their own electronics at work. The reasons for implementing these policies vary across the board. The majority of executives, however, find the productivity gains generated from having anywhere access far outweigh the worker morale or responsibility enhancements.

"Mobile technologies are helping to increase productivity and competitiveness, they are a terrific platform for innovation, but we must also consider the vulnerabilities that mobility introduces and be prepared to address them,” CompTIA chief executive officer Todd Thibodeaux said. “With more companies adopting a BYOD or bring your own device policy, it’s more critical than ever that businesses and policy makers consider the security and privacy implications of these actions."

The CompTIA study found that roughly 84 percent of respondents use smartphones for email, web browsing or to perform light work. Tablets, on the other hand, can be used for a broader range of operations and are being adopted for the enterprise at a faster rate than smartphones.

"Mobile devices and working in a mobile environment opens up new vulnerabilities, particularly in the area of privacy," Brookings Institution's center for technology innovation research director Allan Friedman said. "Having clear industry best practices can help establish guidelines for and encourage good, pro-consumer behaviors.”

Implementing effective data loss prevention policies, for example, can deter both inside and outside breaches. Placing the strongest data protection tools on a company's most important assets should be the first step in these programs, according to an InformationWeek report. Next, decision-makers should train employees on safe practices when using mobile devices to access the network outside the office.

Employees should be aware that all information is monitored, analyzed and audited. As a result, workers will feel less inclined to perform actions that would pinpoint them as the culprit behind an insider breach, InformationWeek noted.

According to a recent study by the Ponemon Institute, 59 percent of survey respondents said their employees often disengage security tools, like passwords, on their mobile devices to access data more quickly. Fifty-one percent of participants said their organization experienced a data breach within the past year because employee devices lacked the proper data security tools.

The consumerization of IT continues to bring new mobile technologies into the enterprise. As businesses make changes in their polices to adapt to new trends, chief information officers and other decision-makers need to ensure their networks remain secure, regardless of where or how it is accessed by employees. By implementing the right data security tools and educating workers on how to properly use portable gadgets, organizations may be able to reduce the chances of experiencing a breach.

Consumerization News from SimplySecurity.com by Trend Micro