Does your organisation have a 'data fairy godmother'?
Salacious headlines around security breaches continue to dominate the media. Capped by recent Hollywood studio attacks and emails being made public, it seems there is no end in sight for this type of cyber attack to attract the public's interest. Recent breaches have sparked mass uncertainty in digital security measures and have left consumer and business users alike, concerned about the security of personal information. Device manufacturers have experienced a backlash from users, calling for stronger security measures.
This is followed by the recent release of the Office of the Australian Information Commissioner's annual report, which revealed it had received a 30 per cent increase in the number of written privacy enquiries and a 183% increase in the number of privacy complaints.
Everyone remembers that in 2014, former US National Security Agency (NSA) contractor Edward Snowden singled out Dropbox for being “hostile to privacy”. Snowden claimed the cloud-storage provider lacked the security measures to protect users against government snooping because it controls the encryption keys, making it capable of sharing data stored on its servers with the government.
However, a transformation has been taking place over the past several years with manufacturers delivering world-class consumer products and providing users with more power and freedom to share information than they have ever had before on mobile devices. While this is a positive step forward, a potential implication of this development is the syncing of corporate data to consumer outlets (i.e. syncing corporate content to iCloud, Facebook, LinkedIn, etc). It is a conundrum facing many Australian enterprise security teams today who are struggling to keep pace with using basic MDM products to control the innovative and powerful consumer functionality for work-related activities.
Australians are, without a doubt, living in the data era – in an individual and corporate capacity. With mobile devices increasing accessibility, users and businesses alike are seeking protection from a ‘data fairy godmother'. The continued headlines around security breaches shine a spotlight on the fact that data security continues to take a back seat.
Clearly, there is an ever-present need to promote greater security awareness.
From a business perspective, IT departments looking to deploy BYOD in their organisations often use legacy MDM technology to give employees access to files and work remotely on smart devices. However, this approach only manages the device without any differentiation between business and personal data. There is also nothing to keep the private data secure. The resulting implication from the lack of data differentiation is employers gaining access to employees' personal information including emails, documents, apps and pictures - a seemingly big ‘cost' to pay for the ability to use one's preferred mobile device at work. Will this trend lead employee privacy to become the next big corporate scandal?
Businesses also have their own corporate data to manage. The media frequently reports on stories about data leaks, which can be costly to businesses on both a financial and reputational level. However, this does not mean companies should ask employees to surrender their mobile devices and everything on it in an attempt to safeguard corporate data.
When there is a need to protect corporate and personal assets, businesses should look to a security solution that is capable of both. A containerisation approach is a simple answer – corporate data is stored in a secure container, entirely separate to the device owner's personal content.
Results from a recent Good Technology Mid-Market Mobility Trends Survey indicate that while many mid-market companies have deployed MDM-only solutions, 50 per cent of organisations with formal BYOD support have more user privacy concerns than those that don't.
There are applications available that minimise BYOD security concerns for IT managers, while protecting user privacy from intrusive location tracking or app monitoring techniques. These solutions are designed to accelerate entire deployments and enable users with secure mobile productivity in minutes. End-users can take advantage of mobile productivity on mobile devices – knowing their privacy is not being infringed upon, and IT organisations can easily scale their mobile deployments, safe in the knowledge that corporate data is secure.
This is an important step for companies today, but as user habits mature and mobility continues to evolve, mobile data security will become more complex. Businesses must take the steps now to set up a scalable solution, before it becomes too difficult to do so in five years' time.
David Balazsy is VP for APAC at Good Technology