Managing the mobile security paradigm
- — 09 August, 2012 13:20
There have been profound changes in recent years in the way that people work. Mobility, virtualisation and globalisation have extensively altered how business is conducted. These changes mean that updated and upgraded security systems are needed to ensure data security.
There are new collaborative methods to help companies manage their information systems, solutions for virtualising information applications and cutting excessive investments are springing up and fresh hardware is delivering more mobility every day. But with these altered usage patterns come new threats and risks to security.
Professional and personal data confusion
Mobility is becoming an increasingly important aspect of business, and workers using devices such as smartphones or tablets to access the corporate network are quickly becoming ubiquitous.
However, there is a trend towards employees bringing their own device to work and using their personal smartphone or tablet for professional as well as personal purposes. This consumerisation of computing, with its permanent connection to the corporate network, increases the potential danger of data leaks if the device is lost or stolen. There is an increased risk of professional/personal data confusion, potentially resulting in legal penalties for the business and serious risk of virus and malware issues, as many personal devices are not properly protected.
Recent technologies such as cloud computing and social networking are helping to create these new usage patterns and ways of sharing information. These changes require a much higher level of transparency. Considering many organisations are increasingly subject to compliance regulations, it is vital to have strong and secure information systems in place. Companies need to identify and protect confidential information and show due care and diligence in protecting this information, not just for their own privacy but also for their customers.
Threats to companies are proliferating at an exponential rate. On average, there are 2,000 new threats every day adding to the estimated 45 million viruses already in circulation.
Attacks are more targeted and sophisticated than ever before, representing a substantial threat to businesses, government and sensitive infrastructures such as the military, utilities, hospitals and others. This makes having appropriate security defences in place for mobile devices paramount. With so many threats out there, the chance of a breach is just too high.
For internal protection against these clandestine threats, strong security infrastructure is required to protect organisational communication and information systems and ensure that everyday business is not disrupted. Different solutions to consider include firewalls, filters for incoming and outgoing web and mail data, IT infrastructure segregation for extranets, partner networks and strong intrusion detection systems that can identify unusual activities and suspicious behaviour and stop threats from infiltrating the corporate network.
External end-user protection is also crucial and may initially seem like a straightforward issue, but becomes increasingly complex when you factor in the multiple devices in use by many workers, in many locations. There are many security systems to consider, such as user authentication and authorisation, secure communications between users and corporate networks, security monitoring to provide transparency and validation of the compliance process and day-to-day security reports and monitoring.
A balance between protection and freedom
However, it is critical to maintain a balance between protection and freedom, as too much complexity within security systems can overburden the network, slowing down application response times and making it difficult for employees to access the network when needed.
Too many different solutions can also have the undesirable result of creating loopholes and system vulnerabilities, making it easier for cybercriminals to infiltrate the network and exploit confidential information.
Implementing appropriate security for the new working paradigm may seem like a formidable challenge. However, mobility does not have to be a risk for organisational security – with the right solutions in place, it can create new efficiencies and cost savings while allowing the workforce to work anytime, anywhere.